From 43c3497b5b2fdfdfa8627dbee26ee33f5e7e60c2 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Thu, 13 Jun 2019 20:57:06 +0200 Subject: [PATCH] Update the translations for the 2.2.0 release Reviewed-by: N/A --- po/bg.po | 496 ++--- po/ca.po | 503 ++--- po/cs.po | 894 ++++----- po/de.po | 502 ++--- po/es.po | 519 +++-- po/eu.po | 490 ++--- po/fr.po | 504 ++--- po/hu.po | 493 ++--- po/id.po | 489 ++--- po/it.po | 535 +++--- po/ja.po | 989 +++++----- po/nb.po | 489 ++--- po/nl.po | 502 ++--- po/pl.po | 532 +++--- po/pt.po | 496 ++--- po/pt_BR.po | 489 ++--- po/ru.po | 496 ++--- po/sssd.pot | 489 ++--- po/sv.po | 519 +++-- po/tg.po | 489 ++--- po/tr.po | 489 ++--- po/uk.po | 535 +++--- po/zh_CN.po | 492 ++--- po/zh_TW.po | 493 ++--- src/man/po/br.po | 2673 ++++++++++++++------------ src/man/po/ca.po | 2877 +++++++++++++++------------- src/man/po/cs.po | 2654 ++++++++++++++------------ src/man/po/de.po | 3015 +++++++++++++++-------------- src/man/po/es.po | 3871 +++++++++++++++++++++++--------------- src/man/po/eu.po | 2639 ++++++++++++++------------ src/man/po/fi.po | 2665 ++++++++++++++------------ src/man/po/fr.po | 3009 +++++++++++++++-------------- src/man/po/ja.po | 2897 +++++++++++++++------------- src/man/po/lv.po | 2673 ++++++++++++++------------ src/man/po/nl.po | 2692 ++++++++++++++------------ src/man/po/pt.po | 2725 +++++++++++++++------------ src/man/po/pt_BR.po | 2639 ++++++++++++++------------ src/man/po/ru.po | 2659 ++++++++++++++------------ src/man/po/sssd-docs.pot | 2581 ++++++++++++++----------- src/man/po/sv.po | 2919 +++++++++++++++------------- src/man/po/tg.po | 2653 ++++++++++++++------------ src/man/po/uk.po | 3595 +++++++++++++++++++---------------- src/man/po/zh_CN.po | 2661 ++++++++++++++------------ 43 files changed, 36814 insertions(+), 30207 deletions(-) diff --git a/po/bg.po b/po/bg.po index 93186f75fcb..90946138511 100644 --- a/po/bg.po +++ b/po/bg.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:44+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Bulgarian (http://www.transifex.com/projects/p/sssd/language/" @@ -263,9 +263,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Продължителност на време за изчакване на заявка за търсене" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -680,7 +679,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "LDAP филтър за определяне права на достъп" @@ -850,746 +849,759 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Използваният тип схема на LDAP сървъра, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Паролата Ви е остаряла. Сменете я сега." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "Подразбиращият се bind DN" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Продължителност на опитите за свързване" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Продължителност на опитите за синхронни LDAP операции" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "Продължителност на времето между опитите за връзка докато е офлайн" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Файл, съдържащ CA сертификати" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Път до директорията на CA сертификат" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Изисква TLS проверка на сертификат" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Задава за използване механизма sasl" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Задаване на sasl authorization id за употреба" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "keytab на Kerberos услуга" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Ползвай Kerberos auth за LDAP връзка" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Следвай LDAP референциите" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Продължителност на живот на TGT за LDAP връзка" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Продължителност на време за изчакване на заявка за търсене" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Продължителност на време между актуализации на изброяване" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Изисква TLS за ИД справките" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "атрибут Потребителско име" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "атрибут UID" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "атрибут Първичен GID" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "атрибут GECOS" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "атрибут Домашна директория" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "атрибут Команден интерпретатор" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "атрибут User principal (за Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Пълно име" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "атрибут членНа" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "атрибут Момент на промяна" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Политика за определяне срок на валидност на парола" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Списък разрешени потребители, разделени със запетая" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Списък забранени потребители, разделени със запетая" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Подразбиращ се команден интерпретатор, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Място за домашните директории" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Продължава като демон (по подразбиране)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Интерактивна работа (а не като демон)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Задаване на друг (не подразбиращия се) конфиг файл" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Ниво на debug" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD не е стартиран като root." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "Възникнала е грешка, но не може да се намери описание." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "Неочаквана грешка при търсене на описание на грешка" @@ -1597,88 +1609,88 @@ msgstr "Неочаквана грешка при търсене на описа msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Съобщение от сървъра:" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Паролите не съвпадат" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "Промяна на паролата от root не се поддържа." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Удостоверен с кеширани идентификационни данни" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", кешираната парола ще изтече на: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "Удостоверяването е забранено до: " -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "Системата е офлайн, промяна на паролата не е възможна" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Промяната на паролата не успя." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Нова парола:" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Отново новата парола:" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Парола:" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Текуща парола:" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Паролата Ви е остаряла. Сменете я сега." @@ -1687,7 +1699,7 @@ msgstr "Паролата Ви е остаряла. Сменете я сега." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Нивото на debug записи при работа" @@ -1700,7 +1712,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Грешка при задаване локални настр.\n" @@ -1736,6 +1748,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "UID на потребителя" @@ -2136,102 +2153,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2780,21 +2797,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "Съхранявай хешове на пароли" diff --git a/po/ca.po b/po/ca.po index 7c7b00026ee..088b095b36a 100644 --- a/po/ca.po +++ b/po/ca.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2017-10-15 03:02+0000\n" "Last-Translator: Robert Antoni Buj Gelonch \n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -301,9 +301,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Període de temps per esperar una petició de cerca" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -748,7 +747,7 @@ msgid "Active Directory client hostname" msgstr "Nom d'amfitrió del client d'Active Directory" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "Filtre LDAP per determinar els privilegis d'accés" @@ -938,111 +937,116 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "El tipus d'esquema en ús al servidor LDAP, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "La contrasenya ha vençut. Canvieu ara la vostra contrasenya." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "El DN de creació del vincle per defecte" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "" "El tipus del testimoni d'autenticació del DN de creació del vincle per " "defecte" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "El testimoni d'autenticació del DN de creació del vincle per defecte" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Període de temps per intentar una connexió" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Període de temps per intentar operacions LDAP asíncrones" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Període de temps entre els intents per tornar a connectar mentre s'està " "desconnectat" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "Utilitza només majúscules pels noms de reialme" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Fitxer que conté els certificats de l'AC" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Camí al directori del certificat de l'AC" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "Fitxer que conté el certificat de client" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "Fitxer que conté la clau de client" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "Llista de paquets de xifrat possibles" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Requereix verificació de certificat TLS" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Especifica el mecanisme SASL a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Especifica l'id. d'autorització SASL a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "Especifica el reialme d'autorització SASL a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Especifica el SSF mínim per a l'autorització SASL de LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Taula de claus del servei del Kerberos" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Utilitza l'autenticació Kerberos per a la connexió LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Segueix les referències LDAP" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Temps de vida del TGT per la connexió LDAP" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "Com desreferenciar els àlies" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "Nom del servei per a la recerca del servei del DNS" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "El nombre de registres a recuperar en una sola consulta LDAP" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "El nombre de membres que han de faltar per activar una de-referència completa" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1050,384 +1054,384 @@ msgstr "" "Si la biblioteca LDAP hauria de realitzar una recerca inversa per canonitzar " "el nom d'amfitrió durant la creació del vincle SASL" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "L'atribut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "L'atribut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Quant de temps s'ha de retenir una connexió al servidor LDAP abans de " "desconnectar" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "Inhabilita el control de paginació LDAP" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "Inhabilita la recuperació de l'interval de l'Active Directory" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Període de temps per esperar una petició de cerca" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "Període de temps per esperar una petició d'enumeració" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Període de temps entre les actualitzacions de les enumeracions" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "Període de temps entre les neteges de la memòria cau" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Requereix TLS per a la recerca d'id." -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Utilitza l'assignació dels id. de l'objectSID en lloc dels id. pre-establerts" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "DN base per a la recerca de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Abast de la recerca de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filtre per a la recerca de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Objectclass per als usuaris" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "L'atribut nom d'usuari" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "L'atribut UID" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "L'atribut GID primari" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "L'atribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "L'atribut directori inicial" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "L'atribut shell" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "L'atribut UUID" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "L'atribut objectSID" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "L'atribut grup primari de l'Active Directory per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "L'atribut usuari principal (per a Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Nom complet" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "L'atribut memberOf" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "L'atribut data de modificació" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "L'atribut shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "L'atribut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "L'atribut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "L'atribut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "L'atribut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "L'atribut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "L'atribut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "L'atribut que llista els serveis PAM autoritzats" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "L'atribut que llista els amfitrions dels servidors autoritzats" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "L'atribut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "L'atribut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" "L'atribut que indica l'activació de les polítiques de contrasenya de servidor" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "L'atribut accountExpires de l'AD" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "L'atribut userAccountControl de l'AD" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "L'atribut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "L'atribut loginDisabled del NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "L'atribut loginExpirationTime del NDS" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "L'atribut loginAllowedTimeMap del NDS" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "L'atribut clau pública SSH" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "atribut que llista els tipus permesos d'autenticació per a un usuari" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "atribut que conté el certificat X509 de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Una llista dels atributs extres per baixar juntament amb l'entrada de " "l'usuari" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "DN base per a la recerca del grup" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "L'objectclass per als grups" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Nom del grup" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Contrasenya del grup" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "L'atribut GID" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "L'atribut membre del grup" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "L'atribut UUID del grup" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "L'atribut data de modificació per als grups" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "Tipus del grup i altres senyals" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "DN base per a la recerca del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "L'objectclass per als grups de xarxa" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "Nom de grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "L'atribut membres del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "L'atribut triple del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "L'atribut data de modificació per als grups de xarxa" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "DN base per a la recerca del servei" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "Objectclass per als serveis" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "L'atribut nom del servei" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "L'atribut port del servei" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "L'atribut protocol del servei" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "Límit inferior per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "Límit superior per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "Nombres d'id. per cada porció en l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Utilitza l'algoritme compatible d'autorid per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "Nom del domini per defecte per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "SID del domini per defecte per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "Si s'utilitzen els grups amb testimonis" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Estableix el límit inferior per als id. permesos del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Estableix el límit superior per als id. permesos del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "DN per a les consultes ppolicy" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Política per avaluar el venciment de la contrasenya" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Quins atributs s'haurien d'utilitzar per avaluar si el compte ha vençut" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "Quines regles s'haurien d'utilitzar per avaluar el control d'accés" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI d'un servidor LDAP on es permeten els canvis de contrasenya" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI d'un servidor LDAP de reserva on es permeten els canvis de contrasenya" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "Nom del servei DNS pel servidor LDAP de canvi de contrasenyes" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1435,23 +1439,23 @@ msgstr "" "Si s'actualitza l'atribut ldap_user_shadow_last_change després d'un canvi de " "contrasenya" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "DN base per a la recerca de les regles sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "Període d'actualització automàtica completa" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "Període d'actualització automàtica intel·ligent" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Si es filtren les regles per nom d'amfitrió, adreça IP i xarxa" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1459,255 +1463,263 @@ msgstr "" "Noms d'amfitrió i/o noms de domini plenament qualificat d'aquesta màquina " "per filtrar les regles de sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adreces IPv4 o IPv6 o xarxa d'aquesta màquina per filtrar regles de sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Si s'inclouen les regles que contenen el grup de xarxa a l'atribut de " "l'amfitrió" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Si s'inclouen les regles que contenen expressions regulars a l'atribut de " "l'amfitrió" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "Objectclass de les regles sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "Nom de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "Attribut command de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "L'atribut host de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "L'atribut user de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "L'atribut option de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "L'atribut runas de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "L'atribut runasuser de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "L'atribut runasgroup de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "L'atribut notbefore de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "L'atribut notafter de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "L'atribut order de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "Objectclass per a les assignacions de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "L'atribut nom de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" "Objectclass per a les entrades de les assignacions de l'eina de muntatge " "automàtic" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" "L'atribut clau d'entrada de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" "L'atribut valor de l'entrada de l'assignació l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" "DN base per a la recerca de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Llista separada per comes dels usuaris autoritzats" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Llista separada per comes dels usuaris no autoritzats" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "El shell predeterminat, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Base per als directoris inicials" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "El nom de la biblioteca NSS a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Si se cerca el nom del grup canònic des de la memòria cau, si és possible" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "Pila PAM a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Esdevé un dimoni (per defecte)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Executa en mode interactiu (no com a dimoni)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Especifica un fitxer de configuració diferent del predeterminat" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "Imprimeix el número de versió i surt" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Nivell de depuració" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Afegeix les marques temporals de depuració" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "Mostra les marques temporals amb microsegons" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Un descriptor de fitxer obert pels registres de depuració" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "Envia directament la sortida de depuració al stderr." -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "L'usuari amb què es crea la ccache FAST" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "El grup amb què es crea la ccache FAST" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Domini del proveïdor d'informació (obligatori)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "El sòcol amb privilegis té malament els permisos o el propietari." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "El sòcol públic té malament els permisos o el propietari." -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "Format inesperat del missatge de les credencials del servidor." -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "L'SSSD no s'està executant com a root." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "S'ha produït un error però no s'ha pogut trobar cap descripció." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "Error inesperat en cercar una descripció de l'error" @@ -1715,48 +1727,48 @@ msgstr "Error inesperat en cercar una descripció de l'error" msgid "Permission denied. " msgstr "Permís denegat." -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Missatge del servidor: " -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Les contrasenyes no coincideixen" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "No s'admet el restabliment de la contrasenya pel root." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "S'ha autenticat amb credencials de la memòria cau" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", la vostra contrasenya en memòria cau vencerà el: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" "La vostra contrasenya ha vençut. Teniu %1$d inicis de sessió restants de " "cortesia." -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "La vostra contrasenya vencerà en %1$d %2$s." -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "S'ha denegat l'autenticació fins: " -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "El sistema està desconnectat, el canvi de contrasenya no és possible" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1764,43 +1776,43 @@ msgstr "" "Després de canviar la contrasenya OTP, heu de tancar la sessió i tornar-la a " "iniciar per tal d'adquirir un tiquet" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Ha fallat el canvi de contrasenya." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Nova contrasenya: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Torneu a introduir la nova contrasenya: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "Primer factor:" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "Segon factor:" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Contrasenya: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Contrasenya actual: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "La contrasenya ha vençut. Canvieu ara la vostra contrasenya." @@ -1809,7 +1821,7 @@ msgstr "La contrasenya ha vençut. Canvieu ara la vostra contrasenya." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "El nivell de depuració amb què s'executa" @@ -1822,7 +1834,7 @@ msgstr "El domini SSSD a utilitzar" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "S'ha produït un error en establir la configuració regional\n" @@ -1858,6 +1870,11 @@ msgstr "No s'ha especificat l'amfitrió\n" msgid "The path to the proxy command must be absolute\n" msgstr "El camí a l'ordre proxy ha de ser absolut\n" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "L'UID de l'usuari" @@ -2294,95 +2311,95 @@ msgid "Transaction error. Could not modify user.\n" msgstr "" "S'ha produït un error en la transacció. No s'ha pogut modificar l'usuari.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "Cap objecte de la memòria cau ha coincidit amb la cerca especificada\n" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "No s'ha pogut invalidar %1$s\n" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "No s'ha pogut invalidar %1$s %2$s\n" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "Invalida un usuari determinat" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "Invalida tots els usuaris" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "Invalida un grup determinat" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "Invalida tots els grups" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "Invalida un grup de xarxa determinat" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "Invalida tots els grups de xarxa" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "Invalida un servei determinat" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "Invalida tots els serveis" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "Invalida una assignació autofs determinada" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "Invalida totes les assignacions autofs" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "Invalida un amfitrió SSH determinat" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "Invalida tots els amfitrions SSH" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "Invalida les entrades només d'un domini determinat" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "Si us plau, seleccioneu almenys un objecte a invalidar\n" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2391,7 +2408,7 @@ msgstr "" "No es pot obrir el domini %1$s. Si el domini és un subdomini (domini de " "confiança), utilitzeu el FQN en lloc del paràmetre --domain/-d.\n" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "No s'han pogut obrir els dominis disponibles\n" @@ -2940,28 +2957,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "L'id. d'usuari amb què s'executa el servidor" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "L'id. de grup amb què s'executa el servidor" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "Emmagatzema els codis hash de les contrasenyes" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -#~ msgstr "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a la recerca del grup" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -#~ msgstr "" -#~ "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a la recerca del grup inicial" diff --git a/po/cs.po b/po/cs.po index cba1e8ffe85..5c4de687b03 100644 --- a/po/cs.po +++ b/po/cs.po @@ -1,14 +1,15 @@ # Zdenek , 2017. #zanata # Pavel Borecki , 2018. #zanata +# Pavel Borecki , 2019. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-06-08 21:01+0200\n" +"POT-Creation-Date: 2019-02-27 19:55+0100\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"PO-Revision-Date: 2018-11-26 03:30+0000\n" +"PO-Revision-Date: 2019-05-03 07:12+0000\n" "Last-Translator: Pavel Borecki \n" "Language-Team: Czech\n" "Language: cs\n" @@ -73,12 +74,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -125,7 +126,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:116 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -253,1030 +254,1032 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:107 +msgid "Additional timeout to wait for a card if requested" +msgstr "" + #: src/config/SSSDConfig/__init__.py.in:108 +msgid "" +"PKCS#11 URI to restrict the selection of devices for Smartcard " +"authentication" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:112 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:113 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:120 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:121 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:124 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:125 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:128 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:129 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:135 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "" "The username to use when authenticating to a Custodia server using " "basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "The password to use when authenticating to a Custodia server using " "basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "" "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to directory where certificate authority certificates are stored" msgstr "" "Popis umístění složky ve které jsou uchovávány certifikáty cert. autority" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:149 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:150 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Identity provider" msgstr "Poskytovatel identity" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Authentication provider" msgstr "Poskytovatel ověřování" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "Access control provider" msgstr "Poskytovatel řízení přístupu" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Password change provider" msgstr "Poskytovatel změny hesel" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "SUDO provider" msgstr "Poskytovatel SUDO" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "Autofs provider" msgstr "Poskytovatel autofs" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Host identity provider" msgstr "Poskytovatel identity strojů" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:160 msgid "SELinux provider" msgstr "Poskytovatel SELinux" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:161 msgid "Session management provider" msgstr "Poskytovatel správy sezení" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Minimum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Maximum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Store password hashes" -msgstr "Ukládat otisky hesel" - -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:170 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 -#: src/config/SSSDConfig/__init__.py.in:177 +#: src/config/SSSDConfig/__init__.py.in:171 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:177 msgid "Treat usernames as case sensitive" msgstr "U uživatelských jmen rozlišovat velká a malá písmena" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:185 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "How often should subdomains list be refreshed" msgstr "Jak často má být znovu načítán seznam dílčích domén" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:200 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA server address" msgstr "Adresa IPA serveru" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Address of backup IPA server" msgstr "Adresa záložního IPA serveru" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:227 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory domain" msgstr "Doména Active Directory" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory server address" msgstr "Adresa serveru s Active Directory" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory backup server address" msgstr "Adresa záložního serveru s Active Directory" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:236 #: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:250 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos server address" msgstr "Adresa kerberos serveru" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos backup server address" msgstr "Adresa záložního kerberos serveru" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:259 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Directory to store credential caches" msgstr "Složka ve které ukládat mezipaměť přihlašovacích údajů" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:274 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 -#: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 +#: src/config/SSSDConfig/__init__.py.in:278 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Soubor obsahující certifikáty cert. autorit" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Popis umístění složky s certifikáty cert. autority" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "Soubor obsahující klientský certifikát" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "Soubor který obsahuje klientský klíč" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Vyžadovat ověření TSL certifikátem" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "" "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Atribut uživatelské jméno" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Atribut domovská složka" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Atribut shell" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" # auto translated by TM merge from project: Cockpit, version: rhel-7.4, DocId: cockpit -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Celé jméno" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "Atribut veřejná část ssh klíče" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Název skupiny" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Heslo skupiny" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "Atribut název služby" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "Atribut port služby" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "Atribut protokol služby" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 -msgid "Number of secondary slices" -msgstr "" - #: src/config/SSSDConfig/__init__.py.in:408 -msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" +msgid "Number of secondary slices" msgstr "" #: src/config/SSSDConfig/__init__.py.in:410 @@ -1476,220 +1479,224 @@ msgstr "" msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2347 msgid "Become a daemon (default)" msgstr "Přejít v proces služby (výchozí)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2349 msgid "Run interactive (not a daemon)" msgstr "Spustit interaktivně (ne jako proces služby)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2352 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2356 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2359 +msgid "Similar to --genconf, but only refreshes the given section" +msgstr "" + +#: src/monitor/monitor.c:2362 msgid "Print version number and exit" msgstr "Vypsat " -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2538 msgid "SSSD is already running\n" msgstr "SSSD už je spuštěné" -#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3228 +#: src/providers/krb5/krb5_child.c:3231 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3230 +#: src/providers/krb5/krb5_child.c:3233 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3232 +#: src/providers/krb5/krb5_child.c:3235 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3234 +#: src/providers/krb5/krb5_child.c:3237 msgid "Requested lifetime of the ticket" msgstr "Požadovaná životnost lístku" -#: src/providers/krb5/krb5_child.c:3236 +#: src/providers/krb5/krb5_child.c:3239 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3238 +#: src/providers/krb5/krb5_child.c:3241 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3244 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3243 +#: src/providers/krb5/krb5_child.c:3246 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3245 +#: src/providers/krb5/krb5_child.c:3248 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:555 +#: src/providers/data_provider_be.c:630 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1066 +#: src/sss_client/common.c:1067 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1069 +#: src/sss_client/common.c:1070 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1072 +#: src/sss_client/common.c:1073 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1076 msgid "SSSD is not run by root." msgstr "SSSD není spouštěno správcem." -#: src/sss_client/common.c:1080 +#: src/sss_client/common.c:1081 msgid "An error occurred, but no description can be found." msgstr "Došlo k chybě, ale nedaří se najít popis." -#: src/sss_client/common.c:1086 +#: src/sss_client/common.c:1087 msgid "Unexpected error while looking for an error description" msgstr "Neočekávaná chyba při hledání popisu chyby" -#: src/sss_client/pam_sss.c:76 +#: src/sss_client/pam_sss.c:67 msgid "Permission denied. " msgstr "Přístup odepřen." -#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 -#: src/sss_client/pam_sss.c:793 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 +#: src/sss_client/pam_sss.c:785 msgid "Server message: " msgstr "Zpráva ze serveru:" # auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: po/ipa -#: src/sss_client/pam_sss.c:300 +#: src/sss_client/pam_sss.c:292 msgid "Passwords do not match" msgstr "Zadání hesla se neshodují" -#: src/sss_client/pam_sss.c:488 +#: src/sss_client/pam_sss.c:480 msgid "Password reset by root is not supported." msgstr "Reset hesla správcem není podporován." -#: src/sss_client/pam_sss.c:529 +#: src/sss_client/pam_sss.c:521 msgid "Authenticated with cached credentials" msgstr "Přihlášeni přihlašovacími údaji z mezipaměti" -#: src/sss_client/pam_sss.c:530 +#: src/sss_client/pam_sss.c:522 msgid ", your cached password will expire at: " msgstr ", platnost mezipaměti skončí v:" -#: src/sss_client/pam_sss.c:560 +#: src/sss_client/pam_sss.c:552 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:606 +#: src/sss_client/pam_sss.c:598 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Platnost vašeho hesla skončí v %1$d %2$s." -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:647 msgid "Authentication is denied until: " msgstr "Ověření odepřeno do:" -#: src/sss_client/pam_sss.c:676 +#: src/sss_client/pam_sss.c:668 msgid "System is offline, password change not possible" msgstr "Systém není dostupný, změna hesla není možná" -#: src/sss_client/pam_sss.c:691 +#: src/sss_client/pam_sss.c:683 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 +#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 msgid "Password change failed. " msgstr "Změna hesla se nezdařila." -#: src/sss_client/pam_sss.c:1926 +#: src/sss_client/pam_sss.c:1921 msgid "New Password: " msgstr "Nové heslo:" -#: src/sss_client/pam_sss.c:1927 +#: src/sss_client/pam_sss.c:1922 msgid "Reenter new Password: " msgstr "Zopakování nového hesla:" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 +#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 +#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 msgid "Second Factor: " msgstr "" # auto translated by TM merge from project: anaconda, version: f25, DocId: main -#: src/sss_client/pam_sss.c:2058 +#: src/sss_client/pam_sss.c:2057 msgid "Password: " msgstr "Heslo: " -#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2208 +#: src/sss_client/pam_sss.c:2207 msgid "Current Password: " msgstr "Stávající heslo:" -#: src/sss_client/pam_sss.c:2536 +#: src/sss_client/pam_sss.c:2562 msgid "Password expired. Change your password now." msgstr "Platnost hesla skončila. Změňte si ho." -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:203 src/tools/sss_useradd.c:48 +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:204 src/tools/sss_useradd.c:48 #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:42 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:207 +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:208 msgid "The SSSD domain to use" msgstr "" @@ -1697,7 +1704,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Chyba při nastavování místního a jazykového nastavení\n" @@ -1713,19 +1720,23 @@ msgstr "" msgid "Error looking up public keys\n" msgstr "" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:205 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:206 msgid "The port to use to connect to the host" msgstr "" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:249 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:210 +msgid "Print the host ssh public keys" +msgstr "" + +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:252 msgid "Invalid port\n" msgstr "" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:254 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:257 msgid "Host not specified\n" msgstr "" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:260 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:263 msgid "The path to the proxy command must be absolute\n" msgstr "" @@ -2126,102 +2137,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" @@ -2310,38 +2321,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:512 +#: src/tools/sssctl/sssctl_cache.c:522 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:528 +#: src/tools/sssctl/sssctl_cache.c:538 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:556 +#: src/tools/sssctl/sssctl_cache.c:566 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:566 +#: src/tools/sssctl/sssctl_cache.c:576 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:593 +#: src/tools/sssctl/sssctl_cache.c:603 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:602 +#: src/tools/sssctl/sssctl_cache.c:612 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:640 +#: src/tools/sssctl/sssctl_cache.c:650 msgid "Search by group ID" msgstr "" @@ -2406,8 +2417,8 @@ msgstr "" msgid "Unable to import group overrides\n" msgstr "" -#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:74 -#: src/tools/sssctl/sssctl_domains.c:339 +#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 +#: src/tools/sssctl/sssctl_domains.c:315 msgid "Start SSSD if it is not running" msgstr "" @@ -2452,85 +2463,91 @@ msgstr "" msgid "Restoring local data...\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:75 +#: src/tools/sssctl/sssctl_domains.c:83 msgid "Show domain list including primary or trusted domain type" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:156 +#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:354 +#: src/tools/sssctl/sssctl_user_checks.c:95 +#, c-format +msgid "Unable to connect to system bus!\n" +msgstr "" + +#: src/tools/sssctl/sssctl_domains.c:167 #, c-format msgid "Online status: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:156 +#: src/tools/sssctl/sssctl_domains.c:167 msgid "Online" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:156 +#: src/tools/sssctl/sssctl_domains.c:167 msgid "Offline" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:214 +#: src/tools/sssctl/sssctl_domains.c:212 #, c-format msgid "Active servers:\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:231 +#: src/tools/sssctl/sssctl_domains.c:223 msgid "not connected" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:278 +#: src/tools/sssctl/sssctl_domains.c:260 #, c-format msgid "Discovered %s servers:\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:296 +#: src/tools/sssctl/sssctl_domains.c:272 msgid "None so far.\n" -msgstr "" +msgstr "Zatím žádné.\n" -#: src/tools/sssctl/sssctl_domains.c:336 +#: src/tools/sssctl/sssctl_domains.c:312 msgid "Show online status" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:337 +#: src/tools/sssctl/sssctl_domains.c:313 msgid "Show information about active server" -msgstr "" +msgstr "Zobrazit informace o aktivním serveru" -#: src/tools/sssctl/sssctl_domains.c:338 +#: src/tools/sssctl/sssctl_domains.c:314 msgid "Show list of discovered servers" -msgstr "" +msgstr "Zobrazit seznam objevených serverů" -#: src/tools/sssctl/sssctl_domains.c:344 +#: src/tools/sssctl/sssctl_domains.c:320 msgid "Specify domain name." msgstr "" # auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: po/ipa -#: src/tools/sssctl/sssctl_domains.c:360 +#: src/tools/sssctl/sssctl_domains.c:342 #, c-format msgid "Out of memory!\n" -msgstr "Nedostatek paměti\n" +msgstr "Nedostatek paměti!\n" -#: src/tools/sssctl/sssctl_domains.c:377 src/tools/sssctl/sssctl_domains.c:387 +#: src/tools/sssctl/sssctl_domains.c:362 src/tools/sssctl/sssctl_domains.c:372 #, c-format msgid "Unable to get online status\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:397 +#: src/tools/sssctl/sssctl_domains.c:382 #, c-format msgid "Unable to get server list\n" msgstr "" #: src/tools/sssctl/sssctl_logs.c:47 msgid "\n" -msgstr "" +msgstr "\n" #: src/tools/sssctl/sssctl_logs.c:237 msgid "Delete log files instead of truncating" -msgstr "" +msgstr "Namísto zkrácení soubory se záznamem událostí smazat" #: src/tools/sssctl/sssctl_logs.c:248 #, c-format msgid "Deleting log files...\n" -msgstr "" +msgstr "Mazání souborů se záznamem událostí…\n" #: src/tools/sssctl/sssctl_logs.c:251 #, c-format @@ -2540,7 +2557,7 @@ msgstr "" #: src/tools/sssctl/sssctl_logs.c:257 #, c-format msgid "Truncating log files...\n" -msgstr "" +msgstr "Zkracování souborů…\n" #: src/tools/sssctl/sssctl_logs.c:260 #, c-format @@ -2566,227 +2583,210 @@ msgstr "" msgid "Specify debug level you want to set" msgstr "" -#: src/tools/sssctl/sssctl_sifp.c:28 -msgid "" -"Check that SSSD is running and the InfoPipe responder is enabled. Make sure " -"'ifp' is listed in the 'services' option in sssd.conf.\n" -msgstr "" - -#: src/tools/sssctl/sssctl_user_checks.c:91 -#, c-format -msgid "Unable to connect to the InfoPipe" -msgstr "" - -#: src/tools/sssctl/sssctl_user_checks.c:97 -#, c-format -msgid "Unable to get user object" -msgstr "" - -#: src/tools/sssctl/sssctl_user_checks.c:101 +#: src/tools/sssctl/sssctl_user_checks.c:117 #, c-format msgid "SSSD InfoPipe user lookup result:\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:113 -#, c-format -msgid "Unable to get user name attr" -msgstr "" - -#: src/tools/sssctl/sssctl_user_checks.c:146 +#: src/tools/sssctl/sssctl_user_checks.c:167 #, c-format msgid "dlopen failed with [%s].\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:153 +#: src/tools/sssctl/sssctl_user_checks.c:174 #, c-format msgid "dlsym failed with [%s].\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:161 +#: src/tools/sssctl/sssctl_user_checks.c:182 #, c-format msgid "malloc failed.\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:168 +#: src/tools/sssctl/sssctl_user_checks.c:189 #, c-format msgid "sss_getpwnam_r failed with [%d].\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:173 +#: src/tools/sssctl/sssctl_user_checks.c:194 #, c-format msgid "SSSD nss user lookup result:\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:174 +#: src/tools/sssctl/sssctl_user_checks.c:195 #, c-format msgid " - user name: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:175 +#: src/tools/sssctl/sssctl_user_checks.c:196 #, c-format msgid " - user id: %d\n" -msgstr "" +msgstr " - identif. uživatele: %d\n" -#: src/tools/sssctl/sssctl_user_checks.c:176 +#: src/tools/sssctl/sssctl_user_checks.c:197 #, c-format msgid " - group id: %d\n" -msgstr "" +msgstr " - identif. skupiny: %d\n" -#: src/tools/sssctl/sssctl_user_checks.c:177 +#: src/tools/sssctl/sssctl_user_checks.c:198 #, c-format msgid " - gecos: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:178 +#: src/tools/sssctl/sssctl_user_checks.c:199 #, c-format msgid " - home directory: %s\n" -msgstr "" +msgstr " - domovská složka: %s\n" -#: src/tools/sssctl/sssctl_user_checks.c:179 +#: src/tools/sssctl/sssctl_user_checks.c:200 #, c-format msgid " - shell: %s\n" "\n" -msgstr "" +msgstr " - shell: %s\n" +"\n" -#: src/tools/sssctl/sssctl_user_checks.c:211 +#: src/tools/sssctl/sssctl_user_checks.c:232 msgid "PAM action [auth|acct|setc|chau|open|clos], default: " msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:214 +#: src/tools/sssctl/sssctl_user_checks.c:235 msgid "PAM service, default: " -msgstr "" +msgstr "PAM služba, výchozí: " -#: src/tools/sssctl/sssctl_user_checks.c:219 +#: src/tools/sssctl/sssctl_user_checks.c:240 msgid "Specify user name." -msgstr "" +msgstr "Zadejte uživatelské jméno." -#: src/tools/sssctl/sssctl_user_checks.c:226 +#: src/tools/sssctl/sssctl_user_checks.c:247 #, c-format msgid "user: %s\n" "action: %s\n" "service: %s\n" "\n" -msgstr "" +msgstr "uživatel: %s\n" +"akce: %s\n" +"služba: %s\n" +"\n" -#: src/tools/sssctl/sssctl_user_checks.c:232 +#: src/tools/sssctl/sssctl_user_checks.c:253 #, c-format msgid "User name lookup with [%s] failed.\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:237 +#: src/tools/sssctl/sssctl_user_checks.c:258 #, c-format msgid "InfoPipe User lookup with [%s] failed.\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:244 +#: src/tools/sssctl/sssctl_user_checks.c:265 #, c-format msgid "pam_start failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:249 +#: src/tools/sssctl/sssctl_user_checks.c:270 #, c-format msgid "testing pam_authenticate\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:253 +#: src/tools/sssctl/sssctl_user_checks.c:274 #, c-format msgid "pam_get_item failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:257 +#: src/tools/sssctl/sssctl_user_checks.c:278 #, c-format msgid "pam_authenticate for user [%s]: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:260 +#: src/tools/sssctl/sssctl_user_checks.c:281 #, c-format msgid "testing pam_chauthtok\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:262 +#: src/tools/sssctl/sssctl_user_checks.c:283 #, c-format msgid "pam_chauthtok: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:264 +#: src/tools/sssctl/sssctl_user_checks.c:285 #, c-format msgid "testing pam_acct_mgmt\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:266 +#: src/tools/sssctl/sssctl_user_checks.c:287 #, c-format msgid "pam_acct_mgmt: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:268 +#: src/tools/sssctl/sssctl_user_checks.c:289 #, c-format msgid "testing pam_setcred\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:270 +#: src/tools/sssctl/sssctl_user_checks.c:291 #, c-format msgid "pam_setcred: [%s]\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:272 +#: src/tools/sssctl/sssctl_user_checks.c:293 #, c-format msgid "testing pam_open_session\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:274 +#: src/tools/sssctl/sssctl_user_checks.c:295 #, c-format msgid "pam_open_session: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:276 +#: src/tools/sssctl/sssctl_user_checks.c:297 #, c-format msgid "testing pam_close_session\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:278 +#: src/tools/sssctl/sssctl_user_checks.c:299 #, c-format msgid "pam_close_session: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:281 +#: src/tools/sssctl/sssctl_user_checks.c:302 #, c-format msgid "unknown action\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:284 +#: src/tools/sssctl/sssctl_user_checks.c:305 #, c-format msgid "PAM Environment:\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:292 +#: src/tools/sssctl/sssctl_user_checks.c:313 #, c-format msgid " - no env -\n" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:73 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:77 +#: src/util/util.h:75 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:83 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:87 +#: src/util/util.h:85 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/po/de.po b/po/de.po index ecdf0bab253..db2d8976e90 100644 --- a/po/de.po +++ b/po/de.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:45+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: German (http://www.transifex.com/projects/p/sssd/language/" @@ -289,9 +289,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Zeitspanne zum Warten auf eine Suchanfrage" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -735,7 +734,7 @@ msgid "Active Directory client hostname" msgstr "Hostname des Active-Directory-Clients" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "LDAP-Filter zum Bestimmen der Zugriffsprivilegien" @@ -906,109 +905,114 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Der vom LDAP-Server verwendete Schema-Typ gemäß RFC2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Passwort ist abgelaufen. Ändern Sie Ihr Passwort jetzt." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "Vorgegebene Bind-DN" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "Typ des Authentifizierungs-Tokens der vorgegebenen Bind-DN" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "Authentifizierungs-Token für die vorgegebene Bind-DN" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Zeitspanne für einen Verbindungsversuch" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Zeitspanne für Versuche zur Ausführung synchroner LDAP-Vorgänge" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Zeitspanne zwischen Versuchen zum erneuten Verbindungsaufbau im Offline-Modus" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "Nur Großschreibung für Realm-Namen verwenden" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Datei, die CA-Zertifikate enthält" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Pfad zum CA-Zertifikatverzeichnis" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "Datei, die das Client-Zertifikat enthält" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "Datei, die den Client-Schlüssel enthält" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "Liste der möglichen Verschlüsselungs-Suites" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "TLS-Zertifikatüberprüfung erforderlich machen" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Zu verwendenden sasl-Mechanismus angeben" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Zu verwendende ID für sasl-Authentifizierung angeben" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "Zu verwendenden Realm für sasl-Authentifizierung angeben" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Gibt den minimalen SSF für die SASL-Authentifizierung über LDAP an" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Schlüsseltabelle des Kerberos-Dienstes" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Kerberos-Authentifizierung für LDAP-Verbindung verwenden" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "LDAP-Verweisen folgen" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Lebensdauer von TGT für LDAP-Verbindung" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "Dereferenzierung von Aliasen" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "Dienstname für DNS-Service-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "Anzahl der in einer einzelnen LDAP-Abfrage zu holenden Datensätze" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Anzahl der Elemente, die fehlen müssen, um eine vollständige " "Dereferenzierung auszulösen" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1016,383 +1020,383 @@ msgstr "" "Gibt an, ob die LDAP-Bibliothek eine Rückwärtssuche ausführen soll, um den " "Rechnernamen während einer SASL-Bindung zu kanonisieren" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "entryUSN-Attribut" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "lastUSN-Attribut" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Zeitspanne zum Halten einer Verbindung zum LDAP-Server, bis diese " "unterbrochen wird" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "LDAP-Paging-Steuerung deaktivieren" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "Bereichsermittlung für Active Directory deaktivieren" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Zeitspanne zum Warten auf eine Suchanfrage" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "Zeitspanne zum Warten auf eine Auflistungsanfrage" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Zeitspanne zwischen Auflistungsanfragen" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "Zeitspanne zwischen den Leerungen des Zwischenspeichers" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "TLS für ID-Suchvorgänge erforderlich machen" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "ID-Zuweisung von objectSID anstelle von voreingestellten IDs verwenden" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "Basis-DN für Benutzer-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Bereich für Benutzer-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filter für Benutzer-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Objektklasse für Benutzer" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Benutzername-Attribut" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "UID-Attribut" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Primäres GID-Attribut" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "GECOS-Attribut" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Home-Verzeichnis-Attribut" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Shell-Attribut" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "objectSID -Attribut" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Active-Directory-Primärgruppen-Attribut für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Principal-Attribut verwenden (für Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Vollständiger Name" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "memberOf-Attribut" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Änderungszeit-Attribut" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "shadowLastChange-attribut" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "shadowMin-Attribut" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "shadowMax Attribut" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "shadowWarning-Attribut" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "shadowInactive-Attribut" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "shadowExpire-Attribut" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "shadowFlag-Attribut" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "Attribut, welches die autorisierten PAM-Dienste auflistet" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "Attribut, welches die autorisierten Server-Hosts auflistet" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange-Attribut" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration-Attribut" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" "Attribut, welches angibt, dass die serverseitigen Passwortregeln aktiv sind" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "accountExpires-Attribut von AD" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "userAccountControl-Attribut von AD" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "nsAccountLock-Attribut" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled-Attribut von NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime-Attribut von NDS" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap-Attribut von NDS" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "Attribut für öffentlichen SSH-Schlüssel" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Eine Liste der zusätzlich herunterzuladender Attribute zusammen mit dem " "Benutzereintrag" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "Basis-DN für Gruppen-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "Objektklasse für Gruppen" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Gruppenname" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Gruppenpasswort" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "Gruppen-ID-Attribut" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "Gruppen-Mitgliedschafts-Attribut" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "Änderungszeit-Attribut für Gruppen" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "Typ der Gruppe und weitere Flags" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "Basis-DN für Netzgruppen-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "Objektklasse für Netzgruppen" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "Netzgruppenname" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "Netzgruppen-Mitglieder-Attribut" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "Netzgruppen-Tripel-Attribut" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "Änderungszeit-Attribut für Netzgruppen" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "Basis-DN für Dienste-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "Objektklasse für Dienste" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "Name-Attribut des Dienstes" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "Port-Attribut des Dienstes" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "Protokoll-Attribut des Dienstes" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "Untere Grenze für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "Obere Grenze für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "Anzahl der IDs für jeden Teil bei der ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "autorid-kompatiblen Algorithmus für ID-Zuweisung verwenden" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "Name der Vorgabe-Domain für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "SID der Vorgabedomain für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "Verwendung von Token-Gruppen" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Untere Grenze für zulässige IDs des LDAP-Servers angeben" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Obere Grenze für zulässige IDs des LDAP-Servers angeben" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Regel zum Ermitteln der Ablaufzeit des Passworts" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Attribute, die bei der Ermittlung verwendet werden, ob ein Konto abgelaufen " "ist" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "Regeln für die Ermittlung der Zugriffskontrolle" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI eines LDAP-Servers, wo Passwortänderungen zulässig sind" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "URI eines Ersatz-LDAP-Servers, wo Passwortänderungen zulässig sind" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "DNS-Dienstname für den LDAP-Passwortänderungsserver" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1400,25 +1404,25 @@ msgstr "" "Gibt an, ob das Attribut ldap_user_shadow_last_change nach einer " "Passwortänderung aktualisiert werden soll" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "Basis-DN für Suchanfragen nach Sudo-Regeln" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "Periode für automatische vollständige Aktualisierung" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "Periode für bedingte vollständige Aktualisierung" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Gibt an, ob Regeln nach Hostnamen, IP-Adressen oder Netzwerken gefiltert " "werden sollen" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1426,253 +1430,261 @@ msgstr "" "Hostnamen und/oder voll ausgeschriebene Domain-Namen dieses Rechners zum " "Filtern von Sudo-Regeln" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4- oder IPv6-Adressen oder Netzwerk dieses Rechners zum Filtern von sudo-" "Regeln" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die " "Netzgruppen enthalten" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die reguläre " "Ausdrücke enthalten" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "Objektklasse für Sudo-Regeln" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "Sudo-Regelname" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "Befehlsattribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "Host-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "Benutzer-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "Optionsattribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "runasuser-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "runasgroup-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "notbefore-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "notafter-Attribut der sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "Reihenfolge-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "Objektklasse für Automounter-Zuweisungen" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "Name-Attribut der Automounter-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "Objektklasse für Einträge von Automounter-Zuweisungen" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "Schlüssel-Attribut des Automounter-Zuweisungseintrags" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "Wert-Attribut des Automounter-Zuweisungseintrags" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "Basis-DN für Suchanfragen nach Automounter-Zuweisungen" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Durch Kommata getrennte Liste der erlaubten Benutzer" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Durch Kommata getrennte Liste der verbotenen Benutzer" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Vorgabeshell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Wurzel für Benutzerverzeichnisse" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "Name der zu verwendenden NSS-Bibliothek" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Gibt an, ob wenn möglich im Zwischenspeicher nach dem kanonischen " "Gruppennamen gesucht werden soll" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "Zu verwendender PAM-Stapel" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Zum Hintergrunddienst werden (Vorgabe)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Interaktiv ausführen (nicht als Hintergrunddienst)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Angabe einer nicht standardmäßigen Konfigurationsdatei" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "Versionsnummer ausgeben und das Programm beenden" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Fehlerdiagnosestufe" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Debug-Zeitstempel hinzufügen" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "Zeitstempel mit Mikrosekunden anzeigen" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Offener Dateideskriptor für die Debug-Protokolle" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Domain des Informationsanbieters (obligatorisch)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "Privilegierter Socket hat falsche Eigentums- oder Zugriffsrechte." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "Öffentlicher Socket hat falsche Eigentums- oder Zugriffsrechte." -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "Unerwartetes Format der Server-Anmeldenachricht." -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD wird nicht durch Root ausgeführt." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" "Ein Fehler ist aufgetreten, aber es kann keine Beschreibung gefunden werden." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "Unerwarteter Fehler beim Suchen nach einer Fehlerbeschreibung" @@ -1680,47 +1692,47 @@ msgstr "Unerwarteter Fehler beim Suchen nach einer Fehlerbeschreibung" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Server-Meldung: " -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Passwörter stimmen nicht überein" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "Das Zurücksetzen des Passworts durch Root wird nicht unterstützt." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Authentifiziert mit zwischengespeicherten Anmeldedaten" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", Ihr zwischengespeichertes Passwort läuft ab am: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" "Ihr Passwort ist abgelaufen. Ihnen verbleiben nur noch %1$d Anmeldungen." -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Ihr Passwort wird in %1$d %2$s ablaufen." -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "Authentifizierung wird verweigert bis: " -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "System ist offline, Änderung des Passworts ist nicht möglich" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1728,43 +1740,43 @@ msgstr "" "Nach dem Ändern des OTP-Passworts müssen Sie sich ab- und wieder anmelden, " "um ein Ticket erhalten zu können" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Änderung des Passworts fehlgeschlagen. " -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Neues Passwort: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Neues Passwort wiederholen: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Passwort: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Aktuelles Passwort: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Passwort ist abgelaufen. Ändern Sie Ihr Passwort jetzt." @@ -1773,7 +1785,7 @@ msgstr "Passwort ist abgelaufen. Ändern Sie Ihr Passwort jetzt." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Stufe, mit der die Fehlerdiagnose ausgeführt werden soll" @@ -1786,7 +1798,7 @@ msgstr "Die zu verwendende SSSD-Domain" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Fehler beim Setzen der Locale-Einstellung\n" @@ -1822,6 +1834,11 @@ msgstr "Rechner nicht angegeben\n" msgid "The path to the proxy command must be absolute\n" msgstr "Der Pfad zum Proxy-Befehl muss absolut sein\n" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "Benutzer-ID des Benutzers" @@ -2259,96 +2276,96 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Transaktionsfehler. Benutzer kann nicht geändert werden.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" "Kein Objekt im Zwischenspeicher entspricht der angegebenen Suchanfrage\n" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "Bestimmten Benutzer annullieren" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "Alle Benutzer annullieren" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "Bestimmte Gruppe annullieren" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "Alle Gruppen annullieren" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "Bestimmte Netzgruppe annullieren" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "Alle Netzgruppen annullieren" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "Bestimmten Dienst annullieren" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "Alle Dienste annullieren" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "Bestimmte autofs-Zuweisung annullieren" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "Alle autofs-Zuweisungen annullieren" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "Nur Einträge einer bestimmten Domain annullieren" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "Bitte wählen Sie mindestens ein Objekt für die Annullierung\n" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2358,7 +2375,7 @@ msgstr "" "(trusted domain) handelt, verwenden Sie den voll ausgeschriebenen Namen " "anstelle des Parameters --domain/-d.\n" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "Verfügbare Domains konnten nicht geöffnet werden\n" @@ -2907,27 +2924,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "Passwort-Prüfsummen speichern" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -#~ msgstr "LDAP_MATCHING_RULE_IN_CHAIN für Gruppen-Suchanfragen verwenden" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -#~ msgstr "LDAP_MATCHING_RULE_IN_CHAIN für initgroup-Suchanfragen verwenden" diff --git a/po/es.po b/po/es.po index 769d3f18b8e..d1899e732b0 100644 --- a/po/es.po +++ b/po/es.po @@ -17,7 +17,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2018-09-10 10:06+0000\n" "Last-Translator: Emilio Herrera \n" "Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/" @@ -302,9 +302,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Tiempo máximo a esperar un pedido de búsqueda" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -768,7 +767,7 @@ msgid "Active Directory client hostname" msgstr "Nombre de host del cliente de Active Directory" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "Filtro LDAP para determinar privilegios de acceso" @@ -962,107 +961,112 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "El Tipo de Esquema a usar en el servidor LDAP, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "La contraseña ha expirado. Modifíquela en este preciso momento." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "El DN Bind predeterminado" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "El tipo del token de autenticación del DN bind predeterminado" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "El token de autenticación del DN bind predeterminado" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Tiempo durante el que se intentará la conexión" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Tiempo durante el que se intentará operaciones LDAP sincrónicas" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "Tiempo entre intentos de reconexión cuando esté fuera de línea" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "Use solo el caso superior para nombres reales" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Archivo que contiene los certificados CA" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Ruta hacia un directorio certificado CA" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "Fichero que contiene el certificado de cliente" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "Fichero que contiene la llave de cliente" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "Lista de posibles suites de cifrado" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Requiere la verificación de certificado TLS" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Especificar el mecanismo sasl a usar" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Especifique el id de autorización sasl a usar" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "Especifica el reinado de autorización sasl a ser utilizado" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Especificar los SSF mínimos para autorizaciones sasl de LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Tabla de clave del servicio Kerberos" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Usar auth Kerberos para la conexión LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Seguir referencias LDAP" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Período de vida del TGT para la conexión LDAP" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "Como eliminar aliases" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "Nombre de servicio para busquedas de servicios DNS" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "La cantidad de registros a ser obtenidos en una única consulta LDAP" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "La cantidad de miembros que deben faltar para desencadenar una deref completa" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1070,389 +1074,389 @@ msgstr "" "Si la Biblioteca LDAP debería realizar una búsqueda inversa para " "canonicalizar el nombre del host durante un enlace SASL" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "atributo entryUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "atributo lastUSN" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "El período de tiempo máximo para retener una conexión con el servidor LDAP " "antes de desconectar" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "Deshabilita el control de paginación LDAP" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "Deshabilitar el rango de recuperación Active Directory" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Tiempo máximo a esperar un pedido de búsqueda" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "periodo de espera para solicitud de enumeración" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Tiempo en segundos entre las actualizaciones de enumeración" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "periodo de tiempo entre borrados de la caché" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Requiere TLS para búsquedas de ID" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "Usar el mapeado ID de objectSID en lugar de las IDs preajustadas" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "DN base para búsquedas de usuario" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Ambito de las búsquedas del usuario" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filtro para las búsquedas del usuario" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Objectclass para los usuarios" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Atributo Username" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "Atributo UID" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Atributo GID primario" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "Atributo GECOS" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Atributo Directorio de inicio" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Atributo shell" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "Atributo UUID" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "Atributo objectSID" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Atributo primario del grupo Active Directory para el mapeado de ID" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Atributo principal del usuario (para Kerberos) " -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Nombre completo" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "Atributo memberOf" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Atributo hora de modificación" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "atributo shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "atributo shadowMin " -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "atributo shadowMax" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "atributo shadowWarning " -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "atributo shadowInactive " -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "atributo shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "atributo shadowFlag " -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "listado de atributos de servicios PAM autorizados" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "Atributo de listado de equipos de servidor autorizados" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "Atributo listando los rhosts de los servidores autorizados" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "atributo krbLastPwdChange " -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "atributo krbPasswordExpiration " -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" "atributo indicando que las políticas de contraseña del lado del servidor " "están activas" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "atributo accountExpires de AD" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "atributo userAccountControl de AD" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "atributo nsAccountLock " -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "Atributo de clave pública SSH" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" "atributo listando los tipos de autenticación permitidos para un usuario" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "atributo conteniendo el certificado X509 del usuario" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "atributo que contiene la dirección de correo electrónico del usuario" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Una lista de los atributos extra a descargar junto con la entrada del usuario" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "DN base para busqueda de grupos" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "clase objeto para" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Nombre del grupo" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Contraseña del grupo" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "Atributo GID" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "Atributo de miembro del grupo" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "Atributo UUID de grupo" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "Atributo de modificación de tiempo para los grupos" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "Tipo del grupo y otras banderas" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "Atributo de miembro de grupo externo LDAP" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "Máximo nivel de anidamiento que seguirá SSSD" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "DN base para búsquedas de grupos de red" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "Clases de objetos para grupos de red" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "Nombre de grupo de red" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "Atributo de miembros de grupos de red" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "Atributo triple de grupo de red" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "Atributo de modificación de tiempo para grupos de red" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "Base DN para servicio de búsquedas" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "Clase de objeto para servicio" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "Atributo de nombre de servicio" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "Atributo de puerto de servicio" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "Atributo de protocolo de servidor" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "Límite más bajo para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "Límite más alto para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "Número de IDs por cada trozo cuando se mapean ID" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Usar el algoritmo compatible con autorid para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "Nombre del dominio por defecto para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "SID del dominio por defecto para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "Número de trozos secundarios" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "Si usar Token-Groups" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Fijar el límite más bajo de IDs permitidas desde el servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" "Fijar el límite más alto para las IDs permitidas desde el servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "DN para consultas ppolicy" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "Máximas entradas a recuperar durante una solicitud de comodín" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Política para evaluar el vencimiento de la contraseña" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Los atributos que deberán ser utilizados para evaluar si una cuenta ha " "expirado" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "Las reglas que deberían ser utilizadas para evaluar control de acceso" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" "URI de un servidor LDAP donde se permite la modificación de contraseñas" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI de un servidor de respaldo LDAP donde están permitidos los cambios de " "contraseña" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" "Nombre del servicio DNS para el servidor de modificación de contraseñas LDAP" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1460,23 +1464,23 @@ msgstr "" "Si actualizar el atributo ldap_user_shadow_last_change después de un cambio " "de contraseña" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "Base DN para búsquedas de reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "Período de refresco total automático" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "Período de refresco inteligente automático" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Si filtrar la reglas por nombre de host, direcciones IP y red" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1484,245 +1488,253 @@ msgstr "" "Nombres de host y/o nombres de dominio totalmente cualificado de esta " "máquina para filtrar las reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "Direcciones o red IPv4 o IPv6 de esta máquina para filtrar reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "Si incluir reglas que contienen netgroup en el atributo de host" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Si incluir reglas que contengan expresiones regulares en el atributo de host" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "Objeto clase para reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "Nombre de regla sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "Atributo de regla de comando sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "Atributo de la regla host de sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "Atributo de la regla usuario de sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "Atributo de la regla opción de sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "Atributo runas de regla sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "Atributo de la regla suda runasuser" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "Atributo de regla runasgroup de sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "Atributo de regla notbefore de sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "Atributo de regla noafter de sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "Atributo de regla orden de sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "Objeto clase para mapas automontador" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "Atributo de nombre de mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "Objeto clase para entradas de mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "Atributo de clave de entrada para mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "Atributo de valor de entrada para mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "Base DN para búsquedas de mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Lista separada por comas de usuarios autorizados" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Lista separada por comas de usuarios prohibidos" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Shell predeterminado, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Base de los directorios de inicio" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "Número de hijos proxy prefabricados" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "Nombre de la biblioteca NSS a usar" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "Si buscar el nombre canónico del grupo desde el cache si es posible" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "Pila PAM a usar" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "Ruta de las fuentes del fichero passwd" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "Ruta de las fuentes del fichero group" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Convertirse en demonio (predeterminado)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Ejecutarse en forma interactiva (no un demonio)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "Deshabilitar el interfaz netlink" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Indicar un archivo de configuración diferente al predeterminado" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "Refrescar la base de datos de configuración, después salir" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "Muestra el número de versión y finaliza" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "SSSD ya está corriendo\n" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Nive de depuración" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Agregar marcas de tiempo de depuración" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "Mostrar marcas de tiempo con microsegundos" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Un arhivo abierto de descriptor para los registros de depuración" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "Enviar la salida de depuración a stderr directamente." -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "El usuario para crear FAST ccache como" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "El grupo para crear FAST ccache como" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "Reino Kerberos a usar" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "Tiempo de vida pedido del ticket" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "Teimpo de vida renovable pedido del ticket" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "Opciones FAST ('never', 'try', 'demand')" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "Especifica el servidor principal a usar por FAST" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "Solicita la canonización del nombre principal" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "Usar versión personal de krb5_get_init_creds_password" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Dominio del proveedor de información (obligatorio)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "El zócalo privilegiado posee permisos o pertenencia equivocados." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "El zócalo público posee permisos o pertenencia equivocados." -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "Formato no esperado del mensaje de la credencial del servidor." -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD no está siendo ejecutado por el usuario root." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "Ha ocurrido un error, pero no se ha podido encontrar una descripción." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" "Ha ocurrido un error no esperado mientras se buscaba la descripción del error" @@ -1731,46 +1743,46 @@ msgstr "" msgid "Permission denied. " msgstr "Permiso denegado." -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Mensaje del servidor:" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Las contraseñas no coinciden" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "No existe soporte para reseteado de la contraseña por el usuario root." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Autenticado mediante credenciales cacheada" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", su contraseña cacheada vencerá el:" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "Su contraseña ha expirado. Usted tiene %1$d accesos restantes." -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Su contraseña expirará en %1$d %2$s." -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "La autenticación ha sido denegada hasta:" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "El sistema está fuera de línea, no se puede cambiar la contraseña" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1778,43 +1790,43 @@ msgstr "" "Después de cambiar la contraseña OTP, usted debe salir y volver a entrar con " "el objetivo de fijarla" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Falló el cambio de contraseña." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Nueva contraseña: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Reingrese la contraseña nueva:" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "Primer Factor: " -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "Segundo Factor (opcional): " -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "Segundo Factor:" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Contraseña: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "Primer Factor (Contraseña Actual): " -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Contraseña actual: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "La contraseña ha expirado. Modifíquela en este preciso momento." @@ -1823,7 +1835,7 @@ msgstr "La contraseña ha expirado. Modifíquela en este preciso momento." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Nivel de depuración en que se debe ejecutar" @@ -1836,7 +1848,7 @@ msgstr "El dominio SSSD a usar" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Error al poner la región\n" @@ -1872,6 +1884,11 @@ msgstr "Host no especificado\n" msgid "The path to the proxy command must be absolute\n" msgstr "La ruta al comando proxy debe ser absoluta\n" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "El UID del usuario" @@ -2303,86 +2320,86 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Error de transacción. No se pudo modificar el usuario.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" "No hay objetos en el cache que coincidan con la búsqueda especificada\n" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "No podría invalidar %1$s\n" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "No podría invalidar %1$s %2$s\n" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "Invalidar todas las entradas en el cache" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "Usuario particular invalidado" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "Todos los usuarios invalidados" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "Invalidar grupo concreto" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "Invalidar todos los grupos" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "Invalidar un grupo de red concreto" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "Invalidar todos los grupos de red" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "Invalidar un servicio concreto" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "Invalidar todos los servicios" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "Invalidar mapa autofs concreto" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "Invalidar todos los mapas autofs" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "Invalidar SSH host concreto" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "Invalidar todos los hosts SSH" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "Invalidar una regla sudo concreta" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "Invalidar todas las reglas sudo cacheadas" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "Solo invalidar las entradas de un dominio concreto" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" @@ -2390,11 +2407,11 @@ msgstr "" "Se han suministrado argumento(s) no esperado, opciones que invalidan un " "único objeto solo aceptan que se les suministre un único argumento.\n" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "Por favor seleccione al menos un objeto par invalidar\n" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2404,7 +2421,7 @@ msgstr "" "confiable), use el nombre totalmente cualificado en lugar de --domain/-d " "parametro.\n" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "No podría abrir los dominios disponibles\n" @@ -2646,9 +2663,9 @@ msgstr "" #: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:354 #: src/tools/sssctl/sssctl_user_checks.c:95 -#, fuzzy, c-format +#, c-format msgid "Unable to connect to system bus!\n" -msgstr "Incapaz de conectar al InfoPipe" +msgstr "" #: src/tools/sssctl/sssctl_domains.c:167 #, c-format @@ -2991,40 +3008,18 @@ msgstr "Entorno PAM:\n" msgid " - no env -\n" msgstr " - no env -\n" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "La ID de usuario para ejecutar el servidor como" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "La ID de grupo para ejecutar el servidor como" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "Informa que el contestador ha sido socket-activated" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "Informa que el contestador ha sido dbus-activated" - -#~ msgid "Store password hashes" -#~ msgstr "Guardar los hashes de la contraseña" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -#~ msgstr "Use LDAP_MATCHING_RULE_IN_CHAIN para búsquedas de grupo" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -#~ msgstr "Use LDAP_MATCHING_RULE_IN_CHAIN para búsquedas initgroup" - -#~ msgid "" -#~ "Check that SSSD is running and the InfoPipe responder is enabled. Make " -#~ "sure 'ifp' is listed in the 'services' option in sssd.conf.\n" -#~ msgstr "" -#~ "Compruebe que SSSD está corriendo y el contestador InfoPipe habilitado. " -#~ "Asegura que 'ifp' está listado en la opción 'services' de sssd.conf.\n" - -#~ msgid "Unable to get user object" -#~ msgstr "Incapaz de obtener el usuario objeto" - -#~ msgid "Unable to get user name attr" -#~ msgstr "Incapaz de obtener el atributo nombre del usuario" diff --git a/po/eu.po b/po/eu.po index 9384ac901ae..e64e07db833 100644 --- a/po/eu.po +++ b/po/eu.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:45+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -675,7 +675,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -845,746 +845,759 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "entryUSN atributua" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "lastUSN atributua" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "UID atributua" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "objectSID atributua" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Izen osoa" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "shadowLastChange atributua" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "shadowMin atributua" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "shadowMax atributua" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "shadowWarning atributua" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "shadowInactive atributua" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "shadowExpire atributua" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "shadowFlag atributua" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange atributua" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration atributua" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "ADren accountExpires atributua" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "ADren userAccountControl atributua" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "nsAccountLock atributua" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Talde-izena" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Taldearen pasahitza" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "GID atributua" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Shell lehenetsia, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "Inprimatu bertsio zenbakia eta irten" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Arazketa maila" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Gehitu arazketako data-zigiluak" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1592,88 +1605,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Huts egin du pasahitza aldatzeak. " -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Pasahitz berria: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Berriz sartu pasahitz berria: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Pasahitza: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Uneko pasahitza: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain." @@ -1682,7 +1695,7 @@ msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1695,7 +1708,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1731,6 +1744,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "Erabiltzailearen UIDa" @@ -2129,102 +2147,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "Baliogabetu erabiltzaile bat" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "Baliogabetu erabiltzaile guztiak" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "Baliogabetu talde bat" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "Baliogabetu talde guztiak" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "Baliogabetu zerbitzu bat" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "Baliogabetu zerbitzu guztiak" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2773,18 +2791,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/po/fr.po b/po/fr.po index 36ca6ce7102..8f92ed605b3 100644 --- a/po/fr.po +++ b/po/fr.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2016-02-24 03:43+0000\n" "Last-Translator: Jérôme Fenal \n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" @@ -295,9 +295,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Durée d'attente pour une requête de recherche" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -732,7 +731,7 @@ msgid "Active Directory client hostname" msgstr "Nom de système du client Active Directory" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "Filtre LDAP pour déterminer les autorisations d'accès" @@ -924,108 +923,113 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Le type de schéma utilisé sur le serveur LDAP, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Mot de passe expiré. Changez votre mot de passe maintenant." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "Le DN de connexion par défaut" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "Le type de jeton d'authentification du DN de connexion par défaut" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "Le jeton d'authentification du DN de connexion par défaut" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Durée pendant laquelle il sera tenté d'établir la connexion" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Durée pendant laquelle il sera tenté des opérations LDAP synchrones" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "Durée d'attente entre deux essais de reconnexion en mode hors-ligne" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "N'utiliser que des majuscules pour les noms de domaine" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Fichier contenant les certificats des CA" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Chemin vers le répertoire de certificats des CA" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "Fichier contenant le certificat client" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "Fichier contenant la clé du client" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "Liste des suites de chiffrement possibles" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Requiert une vérification de certificat TLS" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Spécifier le mécanisme SASL à utiliser" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Spécifier l'identité d'authorisation SASL à utiliser" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "Spécifier le domaine d'authorisation SASL à utiliser" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Spécifie le minimum SSF pour l'autorisation sasl LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Service du fichier keytab de Kerberos" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Utiliser l'authentification Kerberos pour la connexion LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Suivre les référents LDAP" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Durée de vie du TGT pour la connexion LDAP" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "Comment déréférencer les alias" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "Nom du service pour les recherches DNS" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "Le nombre d'enregistrements à récupérer dans une requête LDAP unique" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Nombre de membres qui doivent être manquants pour activer un déréférencement " "complet" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1033,389 +1037,389 @@ msgstr "" "Est-ce que la bibliothèque LDAP doit effectuer une requête pour canoniser le " "nom d'hôte pendant une connexion SASL ?" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "attribut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "attribut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Combien de temps conserver la connexion au serveur LDAP avant de se " "déconnecter" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "Désactiver le contrôle des pages LDAP" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "Désactiver la récupération de plage Active Directory." -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Durée d'attente pour une requête de recherche" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "Durée d'attente pour une requête d'énumération" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Durée entre deux mises à jour d'énumération" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "Durée entre les nettoyages de cache" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "TLS est requis pour les recherches d'identifiants" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Utilisation de la correspondance d'ID pour les objectSID au lieu d'ID pré-" "établis" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "Base DN pour les recherches d'utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Scope des recherches d'utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filtre pour les recherches d'utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Classe d'objet pour les utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Attribut de nom d'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "Attribut UID" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Attribut de GID primaire" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "Attribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Attribut de répertoire utilisateur" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Attribut d'interpréteur de commandes" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "attribut UUID" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "attribut objectSID" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Groupe primaire Active Directory pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Attribut d'utilisateur principal (pour Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Nom complet" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "Attribut memberOf" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Attribut de date de modification" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "Attribut shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "Attribut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "Attribut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "Attribut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "Attribut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "Attribut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "Attribut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "Attribut listant les services PAM autorisés" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "Attribut listant les systèmes serveurs autorisés" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "Attribut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "Attribut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" "Attribut indiquant que la stratégie de mot de passe du serveur est active" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "Attribut AD accountExpires" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "Attribut AD userAccountControl" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "Attribut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "Attribut NDS loginDisabled" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "Attribut NDS loginExpirationTime" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "Attribut NDS loginAllowedTimeMap" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "Attribut de clé public SSH" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" "attribut énumérant les types d'authentification autorisés pour un utilisateur" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "attribut contenant le certificat X509 de l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Une liste des attributs supplémentaires à télécharger avec l'entrée de " "l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "DN de base pour les recherches de groupes" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "Classe d'objet pour les groupes" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Nom du groupe" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Mot de passe du groupe" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "Attribut GID" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "Attribut membre du groupe" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "attribut de l'UUID du groupe" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "Attribut de date de modification pour les groupes" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "Type de groupe et autres indicateurs" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "DN de base pour les recherches de netgroup" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "Classe d'objet pour les groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "Nom du groupe réseau" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "Attribut des membres des groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "Attribut triplet du groupe réseau" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "Attribut date de modification pour les groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "Nom de domaine (DN) de base pour les recherches de service" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "Classe objet pour les services" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "Attribut de nom de service" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "Attribut de port du service" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "Attribut de service du protocole" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "Limite inférieure pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "Limite supérieure pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "Nombre d'ID par tranche pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" "Utilisation d'un algorithme compatible autorid pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "Nom du domaine par défaut pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "SID du domaine par défaut pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "Choisir d'utiliser ou non les groupes de jetons" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" "Définir la limite inférieure d'identifiants autorisés pour l'annuaire LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" "Définir la limite supérieure d'identifiants autorisés pour l'annuaire LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "DN pour les requêtes sur ppolicy" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Stratégie d'évaluation de l'expiration du mot de passe" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "Quels attributs utiliser pour déterminer si un compte a expiré" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "Quelles règles utiliser pour évaluer le contrôle d'accès" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI d'un serveur LDAP où les changements de mot de passe sont acceptés" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI d'un serveur LDAP de secours où sont autorisées les modifications de mot " "de passe" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "Nom du service DNS pour le serveur de changement de mot de passe LDAP" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1423,23 +1427,23 @@ msgstr "" "Choix de mise à jour de l'attribut ldap_user_shadow_last_change après un " "changement de mot de passe" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "Nom de domaine (DN) de base pour les recherches de règles sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "Périodicité de rafraichissement total" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "Périodicité de rafraichissement intelligent" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Filter ou non sur les noms de systèmes, adresses IP et réseaux" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1447,251 +1451,259 @@ msgstr "" "Noms de systèmes et/ou noms pleinement qualifiés de cette machine pour " "filtrer les règles sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adresses ou réseaux IPv4 ou IPv6 de cette machine pour filtrer les règles " "sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Inclure ou non les règles qui contiennent un netgroup dans l'attribut host" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Inclure ou non les règles qui contiennent une expression rationnelle dans " "l'attribut host" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "Classe objet pour les règles sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "Règle de nom sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "Attribut de commande de règle sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "Attribut hôte de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "Attribut utilisateur de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "Attribut option de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "Attribut de règle sudo runas" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "Attribut runasuser de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "Attribut runasgroup de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "Attribut notbefore de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "Attribut notafter de règle sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "Attribut d'ordre de règle sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "Classe objet pour la carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "Nom de l'attribut de carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "Classe objet pour l'entrée de référence de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "Attribut de clé d'entrée pour la carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "Attribut de valeur pour la carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "Base DN pour les requêtes de carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Liste, séparée par des virgules, d'utilisateurs autorisés" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Liste, séparée par des virgules, d'utilisateurs interdits" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Interpréteur de commande par défaut : /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Base pour les répertoires utilisateur" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "Nom de la bibliothèque NSS à utiliser" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "Rechercher le nom canonique du groupe dans le cache si possible" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "Pile PAM à utiliser" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Devenir un démon (par défaut)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Fonctionner en interactif (non démon)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Définir un fichier de configuration différent de celui par défaut" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "Afficher le numéro de version et quitte" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Niveau de débogage" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Ajouter l'horodatage au débogage" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "Afficher l'horodatage en microsecondes" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Un descripteur de fichier ouvert pour les journaux de débogage" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "Envoyer la sortie de débogage directement vers l'erreur standard." -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "L'utilisateur à utiliser pour la création du ccache FAST" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "Le groupe à utiliser pour la création du ccache FAST" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Domaine du fournisseur d'informations (obligatoire)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" "Le socket privilégié a de mauvaises permissions ou un mauvais propriétaire." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" "Le socket public a de mauvaises permissions ou un mauvais propriétaire." -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "Le message du serveur de crédits a un format inattendu." -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD n'est pas démarré par root." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "Une erreur est survenue mais aucune description n'est trouvée." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "Erreur inattendue lors de la recherche de la description de l'erreur" @@ -1699,49 +1711,49 @@ msgstr "Erreur inattendue lors de la recherche de la description de l'erreur" msgid "Permission denied. " msgstr "Accès refusé." -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Message du serveur : " -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Les mots de passe ne correspondent pas" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" "La réinitialisation du mot de passe par root n'est pas prise en charge." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Authentifié avec les crédits mis en cache" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", votre mot de passe en cache expirera à :" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" "Votre mot de passe a expiré. Il vous reste %1$d connexion(s) autorisée(s)." -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Votre mot de passe expirera dans %1$d %2$s." -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "L'authentification est refusée jusque :" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "" "Le système est hors-ligne, les modifications du mot de passe sont impossibles" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1749,43 +1761,43 @@ msgstr "" "Après avoir modifié le mot de passe OTP, vous devez vous déconnecter et vous " "reconnecter afin d'acquérir un ticket" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Échec du changement de mot de passe." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Nouveau mot de passe : " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Retaper le nouveau mot de passe : " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "Premier facteur :" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "Second facteur :" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Mot de passe : " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Mot de passe actuel : " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Mot de passe expiré. Changez votre mot de passe maintenant." @@ -1794,7 +1806,7 @@ msgstr "Mot de passe expiré. Changez votre mot de passe maintenant." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Le niveau de débogage utilisé avec" @@ -1807,7 +1819,7 @@ msgstr "Le domaine SSSD à utiliser" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Erreur lors du paramétrage de la locale\n" @@ -1843,6 +1855,11 @@ msgstr "Hôte non spécifié\n" msgid "The path to the proxy command must be absolute\n" msgstr "Le chemin vers la commande de proxy doit être absolue\n" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "L'UID de l'utilisateur" @@ -2286,95 +2303,95 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Erreur de transaction. Impossible de modifier l'utlisateur.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "Aucun object trouvé dans le cache pour la recherche spécifiée\n" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "Impossible d'invalider %1$s\n" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "Impossible d'invalider %1$s %2$s\n" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "Invalider un utilisateur spécifique" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "Invalider tous les utilisateurs" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "Invalider un groupe particulier" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "Invalider tous les groupes" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "Invalider un groupe réseau particulier" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "Invalider tous les groupes réseau" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "Invalidation d'un service particulier" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "Invalidation de tous les services" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "Invalidation d'une carte autofs particulière" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "Invalidation de toutes les cartes autofs" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "Invalider un hôte SSH particulier" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "Invalider tous les hôtes SSH" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "N'invalider des entrées que d'un domaine spécifique" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "Merci de sélectionner au moins un objet à invalider\n" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2384,7 +2401,7 @@ msgstr "" "(domaine approuvé), utiliser le nom pleinement qualifié au lieu du paramètre " "--domain/-d.\n" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "Impossible d'ouvrir aucun des domaines disponibles\n" @@ -2934,29 +2951,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "L'identifiant utilisateur sous lequel faire tourner le serveur" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "L'identifiant de groupe sous lequel faire tourner le serveur" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "Stocker les sommes de contrôle des mots de passe" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -#~ msgstr "Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -#~ msgstr "" -#~ "Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes " -#~ "d'initialisation" diff --git a/po/hu.po b/po/hu.po index 45bff9b88b0..31523a9a8e8 100644 --- a/po/hu.po +++ b/po/hu.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:45+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Hungarian (http://www.transifex.com/projects/p/sssd/language/" @@ -677,7 +677,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -847,746 +847,759 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Az LDAP szerveren használt séma-típus, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "A jelszava lejárt, változtass meg most." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "Az alapértelmezett bind DN" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "A kapcsolódási próbálkozás időtartama" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "A CA tanusítványokat tartalmazó fájl" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "TLS tanusítvány ellenőrzése" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "TLS megkövetelése ID keresésekor" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "GECOS attribútum" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Shell attribútum" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Teljes név" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "memberOf attribútum" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Csoport neve" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Csoport jelszava" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Alapértelmezett shell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Időbélyegek a hibakeresési kimenetben" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "Mikroszekundum pontosságú időbélyegek" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "Az SSSD nem root-ként fut." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "Hiba lépett fel, de nem érhetőek el részletek." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1594,88 +1607,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Szerver üzenete:" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "A jelszavak nem egyeznek" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "A jelszó root általi visszaállítása nem támogatott." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Azonosítva gyorsítótárazott adatbázisból" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", a gyorsítótárazott jelszó lejár ekkor: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "A bejelentkezés tiltott eddig:" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "A rendszer nem érhető el, a jelszó megváltoztatása nem lehetséges" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "A jelszó megváltoztatása nem sikerült." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Új jelszó:" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Jelszó mégegyszer: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Jelszó: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Jelenlegi jelszó:" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "A jelszava lejárt, változtass meg most." @@ -1684,7 +1697,7 @@ msgstr "A jelszava lejárt, változtass meg most." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1697,7 +1710,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1733,6 +1746,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "A felhasználó UID-je" @@ -2133,102 +2151,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Tranzakcióhiba történt, a felhasználó nem módosítható.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2777,21 +2795,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "Jelszó hash-ek tárolása" diff --git a/po/id.po b/po/id.po index 5cd3739b4d6..4ba1faefa01 100644 --- a/po/id.po +++ b/po/id.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:46+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Indonesian (http://www.transifex.com/projects/p/sssd/language/" @@ -674,7 +674,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -844,746 +844,758 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 -msgid "The default bind DN" +msgid "Mode used to change user password" msgstr "" #: src/config/SSSDConfig/__init__.py.in:286 -msgid "The type of the authentication token of the default bind DN" +msgid "The default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:287 -msgid "The authentication token of the default bind DN" +msgid "The type of the authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:288 +msgid "The authentication token of the default bind DN" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Lamanya waktu untuk mencoba koneksi" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Membutuhkan verifikasi sertifikat TLS" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Tentukan mekanisme sasl yang digunakan" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Tentukan id otorisasi sasl yang digunakan" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Keytab layanan Kerberos" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Lingkup pencarian pengguna" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filter pencarian pengguna" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Objectclass untuk pengguna" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Atribut Nama pengguna" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "Atribut UID" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Atribut GID Primer" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "Atribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Atribut direktori Home" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Atribut Shell" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Atribut utama pengguna (untuk Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Nama Lengkap" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "Atribut memberOf" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Atribut waktu modifikasi" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Shell default, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1591,88 +1603,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Pesan server:" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Kata sandi tidak cocok" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "Sistem sedang luring, perubahan kata sandi tidak dimungkinkan" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Perubahan kata sandi gagal." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Kata Sandi Baru: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Masukkan lagi kata sandi baru:" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Kata sandi:" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Kata sandi saat ini:" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "" @@ -1681,7 +1693,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1694,7 +1706,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1730,6 +1742,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "UID dari pengguna" @@ -2142,102 +2159,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Kesalahan transaksi. Pengguna tidak dapat dimodifikasi.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2786,18 +2803,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/po/it.po b/po/it.po index 121ceabc08d..9649a2959e2 100644 --- a/po/it.po +++ b/po/it.po @@ -4,13 +4,14 @@ # # Translators: # Guido Grazioli , 2011 +# Milo Casagrande , 2019. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" -"PO-Revision-Date: 2014-12-14 11:46+0000\n" -"Last-Translator: Copied by Zanata \n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" +"PO-Revision-Date: 2019-03-06 08:57+0000\n" +"Last-Translator: Milo Casagrande \n" "Language-Team: Italian (http://www.transifex.com/projects/p/sssd/language/" "it/)\n" "Language: it\n" @@ -27,19 +28,19 @@ msgstr "Imposta il livello di dettaglio dei messaggi di debug" #: src/config/SSSDConfig/__init__.py.in:45 msgid "Include timestamps in debug logs" -msgstr "Includi i timestamp nei log" +msgstr "Include marcatura temporale nei messaggi di registro" #: src/config/SSSDConfig/__init__.py.in:46 msgid "Include microseconds in timestamps in debug logs" -msgstr "" +msgstr "Include i microsecondi nella marcatura temporale per il debug" #: src/config/SSSDConfig/__init__.py.in:47 msgid "Write debug messages to logfiles" -msgstr "Scrivere i messaggi di debug nei file di log" +msgstr "Scrive i messaggi di debug nei file di registro" #: src/config/SSSDConfig/__init__.py.in:48 msgid "Watchdog timeout before restarting service" -msgstr "" +msgstr "Timeout di controllo prima di riavviare il servizio" #: src/config/SSSDConfig/__init__.py.in:49 msgid "Command to start service" @@ -47,40 +48,44 @@ msgstr "Comando per avviare il servizio" #: src/config/SSSDConfig/__init__.py.in:50 msgid "Number of times to attempt connection to Data Providers" -msgstr "Numero di tentativi di connessione ai data providers" +msgstr "Numero di tentativi di connessione ai provider dati" #: src/config/SSSDConfig/__init__.py.in:51 msgid "The number of file descriptors that may be opened by this responder" msgstr "" +"Il numero di descrittori file che possono essere aperti da questo responder" #: src/config/SSSDConfig/__init__.py.in:52 +#, fuzzy msgid "Idle time before automatic disconnection of a client" msgstr "" +"Tempo di attesa prima di interrompere automaticamente una connessione client" #: src/config/SSSDConfig/__init__.py.in:53 +#, fuzzy msgid "Idle time before automatic shutdown of the responder" -msgstr "" +msgstr "Tempo di attesa prima di chiudere automaticamente il responder" #: src/config/SSSDConfig/__init__.py.in:54 msgid "Always query all the caches before querying the Data Providers" -msgstr "" +msgstr "Interrogare tutte le cache prima dei provider dati" #: src/config/SSSDConfig/__init__.py.in:57 msgid "SSSD Services to start" -msgstr "Avvio dei servizi SSSD" +msgstr "Servizi SSD da avviare" #: src/config/SSSDConfig/__init__.py.in:58 msgid "SSSD Domains to start" -msgstr "Avvio dei domini SSSD" +msgstr "Domini SSD da avviare" #: src/config/SSSDConfig/__init__.py.in:59 msgid "Timeout for messages sent over the SBUS" -msgstr "Timeout dei messaggi inviati sul SBUS" +msgstr "Timeout dei messaggi inviati tramite SBUS" #: src/config/SSSDConfig/__init__.py.in:60 #: src/config/SSSDConfig/__init__.py.in:199 msgid "Regex to parse username and domain" -msgstr "Regex per il parsing di nome utente e dominio" +msgstr "Espressione regolare per leggere nome utente e dominio" #: src/config/SSSDConfig/__init__.py.in:61 #: src/config/SSSDConfig/__init__.py.in:198 @@ -91,7 +96,7 @@ msgstr "Formato compatibile con printf per la visualizzazione di nomi completi" msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." -msgstr "" +msgstr "Directory dove salvare file di cache delle risposte Kerberos" #: src/config/SSSDConfig/__init__.py.in:63 msgid "Domain to add to names without a domain component." @@ -103,7 +108,7 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:65 msgid "Tune certificate verification" -msgstr "" +msgstr "Regola il controllo del certificato" #: src/config/SSSDConfig/__init__.py.in:66 msgid "All spaces in group or user names will be replaced with this character" @@ -123,7 +128,7 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:72 msgid "Enumeration cache timeout length (seconds)" -msgstr "Durata timeout per la cache enumeration (secondi)" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:73 msgid "Entry cache background update timeout length (seconds)" @@ -148,7 +153,7 @@ msgstr "Gruppi che SSSD dovrebbe ignorare esplicitamente" #: src/config/SSSDConfig/__init__.py.in:78 msgid "Should filtered users appear in groups" -msgstr "Specifica se mostrare gli utenti filtrati nei gruppi" +msgstr "Indica se mostrare gli utenti filtrati nei gruppi" #: src/config/SSSDConfig/__init__.py.in:79 msgid "The value of the password field the NSS provider should return" @@ -264,9 +269,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Durata attesa per le richieste di ricerca" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -685,7 +689,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "Filtro LDAP per determinare i privilegi di accesso" @@ -856,746 +860,759 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Lo Schema Type utilizzato dal server LDAP, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Password scaduta. Cambiare la password ora." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "Il bind DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "Il tipo di token di autenticazione del bind DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "Il token di autenticazione del bind DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Durata del tentativo di connessione" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Durata del tentativo di esecuzione di operazioni LDAP sincrone" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "Durata tra tentativi di riconnessione quando offline" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "Usare solo maiuscole per i nomi dei realm" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "File contenente i certificati CA" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Percorso della directory dei cerficati della CA" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "File contenente il certificato client" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "File contenente la chiave client" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "Lista delle possibili cipher suite" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Richiedere la verifica del certificato TLS" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Specificare il meccanismo sasl da usare" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Specificare l'id di autorizzazione sasl da usare" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Keytab del servizio Kerberos" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Usare autorizzazione Kerberos per la connessione LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Seguire i referral LDAP" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "Metodo di deferenziazione degli alias" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Durata attesa per le richieste di ricerca" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Durata tra gli aggiornamenti alle enumeration" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "Intervallo di tempo per la pulizia cache" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Richiedere TLS per gli ID lookup" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "Base DN per i lookup utente" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Ambito di applicazione dei lookup utente" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filtro per i lookup utente" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Objectclass per gli utenti" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Attributo del nome utente" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "Attributo UID" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Attributo del GID primario" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "Attributo GECOS" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Attributo della home directory" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Attributo della shell" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Attributo user principal (per Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Nome completo" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "Attributo memberOf" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Attributo data di modifica" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Politica per controllare la scadenza della password" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Lista separata da virgola degli utenti abilitati" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Lista separata da virgola degli utenti non abilitati" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Shell predefinita, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Base delle home directory" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "Il nome della libreria NSS da usare" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "Stack PAM da usare" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Esegui come demone (default)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Esegui interattivamente (non come demone)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Specificare un file di configurazione specifico" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Livello debug" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Includi timestamp di debug" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Un descrittore di file aperto per l'output di debug" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Dominio del provider di informazioni (obbligatorio)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "Il socket privilegiato ha permessi o propritario non validi." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "Il socket pubblico ha permessi o propritario non validi." -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD non è eseguito da root." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1603,88 +1620,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Messaggio del server:" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Le password non coincidono" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Autenticato con le credenziali nella cache" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", la password in cache scadrà il: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "L'autenticazione verrà negata fino al: " -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "Il sistema è offline, non è possibile richiedere un cambio password" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Cambio password fallito." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Nuova password: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Conferma nuova password: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Password: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Password corrente: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Password scaduta. Cambiare la password ora." @@ -1693,7 +1710,7 @@ msgstr "Password scaduta. Cambiare la password ora." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Il livello di debug da utilizzare" @@ -1706,7 +1723,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Errore di impostazione del locale\n" @@ -1742,6 +1759,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "L'UID dell'utente" @@ -2159,102 +2181,102 @@ msgstr "Impossibile modificare l'utente - utente già membro di gruppi?\n" msgid "Transaction error. Could not modify user.\n" msgstr "Errore nella transazione. Impossibile modificare l'utente.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2803,21 +2825,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "Salvare gli hash delle password" diff --git a/po/ja.po b/po/ja.po index 89bee756450..21851dcb238 100644 --- a/po/ja.po +++ b/po/ja.po @@ -5,13 +5,14 @@ # Translators: # Tomoyuki KATO , 2012-2013 # Noriko Mizumoto , 2016. #zanata +# Keiko Moriguchi , 2019. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" -"PO-Revision-Date: 2016-08-18 08:06+0000\n" -"Last-Translator: Noriko Mizumoto \n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" +"PO-Revision-Date: 2019-05-28 11:45+0000\n" +"Last-Translator: Keiko Moriguchi \n" "Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/" "ja/)\n" "Language: ja\n" @@ -40,7 +41,7 @@ msgstr "デバッグメッセージをログファイルに書き込む" #: src/config/SSSDConfig/__init__.py.in:48 msgid "Watchdog timeout before restarting service" -msgstr "" +msgstr "サービス再起動前の Watchdog タイムアウト" #: src/config/SSSDConfig/__init__.py.in:49 msgid "Command to start service" @@ -60,11 +61,12 @@ msgstr "クライアントの自動切断までのアイドル時間" #: src/config/SSSDConfig/__init__.py.in:53 msgid "Idle time before automatic shutdown of the responder" -msgstr "" +msgstr "レスポンダーの自動シャットダウンまでのアイドル時間" #: src/config/SSSDConfig/__init__.py.in:54 msgid "Always query all the caches before querying the Data Providers" msgstr "" +"データプロバイダーをクエリーする前に、常にすべてのキャッシュをクエリーします" #: src/config/SSSDConfig/__init__.py.in:57 msgid "SSSD Services to start" @@ -102,27 +104,28 @@ msgstr "domain 要素なしで追加するドメインの名前。" #: src/config/SSSDConfig/__init__.py.in:64 msgid "The user to drop privileges to" -msgstr "" +msgstr "ユーザーが特権を停止します" #: src/config/SSSDConfig/__init__.py.in:65 msgid "Tune certificate verification" -msgstr "" +msgstr "証明書検証の調整" #: src/config/SSSDConfig/__init__.py.in:66 msgid "All spaces in group or user names will be replaced with this character" msgstr "" +"グループ名またはユーザー名のすべてのスペースは、この文字に置き換えられます" #: src/config/SSSDConfig/__init__.py.in:67 msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" +msgstr "SSSD を調整し、netlink の状態変更を尊重するか、または無視します" #: src/config/SSSDConfig/__init__.py.in:68 msgid "Enable or disable the implicit files domain" -msgstr "" +msgstr "暗黙のファイルドメインを有効化または無効化する" #: src/config/SSSDConfig/__init__.py.in:69 msgid "A specific order of the domains to be looked up" -msgstr "" +msgstr "検索するドメインの特定の順番" #: src/config/SSSDConfig/__init__.py.in:72 msgid "Enumeration cache timeout length (seconds)" @@ -139,7 +142,7 @@ msgstr "ネガティブキャッシュのタイムアウト(秒)" #: src/config/SSSDConfig/__init__.py.in:75 msgid "Files negative cache timeout length (seconds)" -msgstr "" +msgstr "ファイルネガティブキャッシュのタイムアウト時間(秒)" #: src/config/SSSDConfig/__init__.py.in:76 msgid "Users that SSSD should explicitly ignore" @@ -199,7 +202,7 @@ msgstr "メモリー内のキャッシュレコードが有効な期間" #: src/config/SSSDConfig/__init__.py.in:88 msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" +msgstr "NSS レスポンダーがパブリッシュを許可されたユーザー属性の一覧" #: src/config/SSSDConfig/__init__.py.in:91 msgid "How long to allow cached logins between online logins (days)" @@ -221,7 +224,7 @@ msgstr "認証中にユーザーに表示されるメッセージの種類" #: src/config/SSSDConfig/__init__.py.in:95 msgid "Filter PAM responses sent to the pam_sss" -msgstr "" +msgstr "pam_sss へ送信された PAM のレスポンスをフィルタリングします" #: src/config/SSSDConfig/__init__.py.in:96 msgid "How many seconds to keep identity information cached for PAM requests" @@ -233,49 +236,48 @@ msgstr "警告が表示されるパスワード失効前の日数" #: src/config/SSSDConfig/__init__.py.in:98 msgid "List of trusted uids or user's name" -msgstr "" +msgstr "信頼できる UID またはユーザー名の一覧" #: src/config/SSSDConfig/__init__.py.in:99 msgid "List of domains accessible even for untrusted users." -msgstr "" +msgstr "信頼できないユーザーでさえアクセス可能なドメインの一覧。" #: src/config/SSSDConfig/__init__.py.in:100 msgid "Message printed when user account is expired." -msgstr "" +msgstr "ユーザーアカウントの有効期限が切れると、メッセージが印刷されます。" #: src/config/SSSDConfig/__init__.py.in:101 msgid "Message printed when user account is locked." -msgstr "" +msgstr "ユーザーアカウントがロックされると、メッセージが印刷されます。" #: src/config/SSSDConfig/__init__.py.in:102 msgid "Allow certificate based/Smartcard authentication." -msgstr "" +msgstr "証明書ベースまたはスマートカードによる認証を許可します。" #: src/config/SSSDConfig/__init__.py.in:103 msgid "Path to certificate database with PKCS#11 modules." -msgstr "" +msgstr "PKCS#11 モジュールでの証明書データベースへのパス。" #: src/config/SSSDConfig/__init__.py.in:104 msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" +msgstr "p11_child が完了するまでに pam_sss が待つ秒数" #: src/config/SSSDConfig/__init__.py.in:105 msgid "Which PAM services are permitted to contact application domains" -msgstr "" +msgstr "アプリケーションドメインへの接続を許可される PAM サービスはどれか" #: src/config/SSSDConfig/__init__.py.in:106 msgid "Allowed services for using smartcards" -msgstr "" +msgstr "スマートカードの使用が許可されたサービス" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "検索要求を待つ時間" +msgstr "要求された場合に、カードが待つ追加のタイムアウト" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" "PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" +msgstr "スマートカード認証向けのデバイスの選択を PKCS#11 URI が制限" #: src/config/SSSDConfig/__init__.py.in:111 msgid "Whether to evaluate the time-based attributes in sudo rules" @@ -283,13 +285,15 @@ msgstr "sudo ルールにおいて時間による属性を評価するかどう #: src/config/SSSDConfig/__init__.py.in:112 msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" +msgstr "正しい場合、SSSD は小さい番号が優先される順位付けのロジックへ戻ります" #: src/config/SSSDConfig/__init__.py.in:113 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" +"一度にリフレッシュ可能なルールの最大数。最大数を超えると、フルリフレッシュが" +"実行されます。" #: src/config/SSSDConfig/__init__.py.in:119 msgid "Whether to hash host names and addresses in the known_hosts file" @@ -303,7 +307,7 @@ msgstr "ホスト鍵が要求された後 known_hosts ファイルにホスト #: src/config/SSSDConfig/__init__.py.in:121 msgid "Path to storage of trusted CA certificates" -msgstr "" +msgstr "信頼された CA 証明書のストレージへのパス" #: src/config/SSSDConfig/__init__.py.in:124 msgid "List of UIDs or user names allowed to access the PAC responder" @@ -311,95 +315,101 @@ msgstr "PAC レスポンダーへのアクセスが許可された UID または #: src/config/SSSDConfig/__init__.py.in:125 msgid "How long the PAC data is considered valid" -msgstr "" +msgstr "PAC データが有効とされる期間" #: src/config/SSSDConfig/__init__.py.in:128 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" +"InfoPipe レスポンダーへのアクセスが許可された UID またはユーザー名の一覧" #: src/config/SSSDConfig/__init__.py.in:129 msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" +msgstr "InfoPipe がパブリッシュを許可されたユーザー属性の一覧" #: src/config/SSSDConfig/__init__.py.in:132 msgid "The provider where the secrets will be stored in" -msgstr "" +msgstr "シークレットが保存されるプロバイダー" #: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum allowed number of nested containers" -msgstr "" +msgstr "ネストされたコンテナーの最大許可数" #: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum number of secrets that can be stored" -msgstr "" +msgstr "保存可能なシークレットの最大数" #: src/config/SSSDConfig/__init__.py.in:135 msgid "The maximum number of secrets that can be stored per UID" -msgstr "" +msgstr "UID ごとに保存可能なシークレットの最大数" #: src/config/SSSDConfig/__init__.py.in:136 msgid "The maximum payload size of a secret in kilobytes" -msgstr "" +msgstr "キロバイトでのシークレットの最大ペイロードサイズ" #: src/config/SSSDConfig/__init__.py.in:138 msgid "The URL Custodia server is listening on" -msgstr "" +msgstr "URL Custodia サーバーはリッスンしています" #: src/config/SSSDConfig/__init__.py.in:139 msgid "The method to use when authenticating to a Custodia server" -msgstr "" +msgstr "Custodia サーバーへの認証時に使用する方法" #: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" +"auth_header_value で値が定義され、HTTP リクエストに追加されるヘッダーの名前" #: src/config/SSSDConfig/__init__.py.in:141 msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" +msgstr "sssd-secrets の値は、auth_header_name で使用します" #: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" -msgstr "" +msgstr "要求と共に Custodia サーバーへ転送するヘッダーの一覧" #: src/config/SSSDConfig/__init__.py.in:143 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" +msgstr "basic_auth を使った Custodia サーバーへの認証時に使用するユーザー名" #: src/config/SSSDConfig/__init__.py.in:144 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" +msgstr "basic_auth を使った Custodia サーバーへの認証時に使用するパスワード" #: src/config/SSSDConfig/__init__.py.in:145 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" +"proxy_url が https protocol を使用する場合に、正しいピアの証明書が検証される" +"かどうか" #: src/config/SSSDConfig/__init__.py.in:146 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" +"https プロトコルが使用される場合に、間違ったピアの証明書が proxy_url 以外の異" +"なるホスト名を含むかどうか" #: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to directory where certificate authority certificates are stored" -msgstr "" +msgstr "CA 証明書が保存されているディレクトリーへのパス" #: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing server's CA certificate" -msgstr "" +msgstr "サーバーの CA 証明書を含むファイルへのパス" #: src/config/SSSDConfig/__init__.py.in:149 msgid "Path to file containing client's certificate" -msgstr "" +msgstr "クライアントの証明書を含むファイルへのパス" #: src/config/SSSDConfig/__init__.py.in:150 msgid "Path to file containing client's private key" -msgstr "" +msgstr "クライアントのプライベートキーを含むファイルへのパス" #: src/config/SSSDConfig/__init__.py.in:153 msgid "Identity provider" @@ -431,15 +441,15 @@ msgstr "ホスト識別プロバイダー" #: src/config/SSSDConfig/__init__.py.in:160 msgid "SELinux provider" -msgstr "" +msgstr "SELinux プロバイダー" #: src/config/SSSDConfig/__init__.py.in:161 msgid "Session management provider" -msgstr "" +msgstr "セッションマネージャーのプロバイダー" #: src/config/SSSDConfig/__init__.py.in:164 msgid "Whether the domain is usable by the OS or by applications" -msgstr "" +msgstr "OS またはアプリケーションがドメインを使用できるかどうか" #: src/config/SSSDConfig/__init__.py.in:165 msgid "Minimum user ID" @@ -537,31 +547,31 @@ msgstr "DNS 更新を実行するために使用すべき認証の種類" #: src/config/SSSDConfig/__init__.py.in:192 msgid "Override the DNS server used to perform the DNS update" -msgstr "" +msgstr "DNS の更新を実行する際に使用する DNS サーバーを上書き" #: src/config/SSSDConfig/__init__.py.in:193 msgid "Control enumeration of trusted domains" -msgstr "" +msgstr "信頼されたドメインの列挙を制御" #: src/config/SSSDConfig/__init__.py.in:194 msgid "How often should subdomains list be refreshed" -msgstr "" +msgstr "サブドメインの一覧のリフレッシュ回数" #: src/config/SSSDConfig/__init__.py.in:195 msgid "List of options that should be inherited into a subdomain" -msgstr "" +msgstr "サブドメインに継承すべきオプションの一覧" #: src/config/SSSDConfig/__init__.py.in:196 msgid "Default subdomain homedir value" -msgstr "" +msgstr "デフォルトのサブドメインホームディレクトリーの値" #: src/config/SSSDConfig/__init__.py.in:197 msgid "How long can cached credentials be used for cached authentication" -msgstr "" +msgstr "証明書キャッシュを認証キャッシュに使用できる期間" #: src/config/SSSDConfig/__init__.py.in:200 msgid "Whether to automatically create private groups for users" -msgstr "" +msgstr "ユーザーにプライベートグループを自動的に作成するかどうか" #: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA domain" @@ -621,47 +631,51 @@ msgstr "DNS サイトの有効化 - 位置にサービス探索" #: src/config/SSSDConfig/__init__.py.in:218 msgid "Search base for view containers" -msgstr "" +msgstr "ビューコンテナーの検索ベース" #: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for view containers" -msgstr "" +msgstr "ビューコンテナーのオブジェクトクラス" #: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the name of the view" -msgstr "" +msgstr "ビューの名前の属性" #: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for override objects" -msgstr "" +msgstr "上書きされたオブジェクトのオブジェクトクラス" #: src/config/SSSDConfig/__init__.py.in:222 msgid "Attribute with the reference to the original object" -msgstr "" +msgstr "オリジナルオブジェクトを参照する属性" #: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for user override objects" -msgstr "" +msgstr "ユーザーが上書きするオブジェクトのオブジェクトクラス" #: src/config/SSSDConfig/__init__.py.in:224 msgid "Objectclass for group override objects" -msgstr "" +msgstr "グループが上書きするオブジェクトのオブジェクトクラス" #: src/config/SSSDConfig/__init__.py.in:225 msgid "Search base for Desktop Profile related objects" -msgstr "" +msgstr "デスクトッププロファイルに関連するオブジェクトの検索ベース" #: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" +"IPA サーバーに対するデスクトッププロファイルルールを検索している間の秒単位の" +"合計時間" #: src/config/SSSDConfig/__init__.py.in:227 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" +"最後の要求がルールを何も見つけなかった場合の IPA サーバーに対するデスクトップ" +"プロファイルル ールを検索している間の分単位の合計時間" #: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory domain" @@ -669,7 +683,7 @@ msgstr "Active Directory ドメイン" #: src/config/SSSDConfig/__init__.py.in:231 msgid "Enabled Active Directory domains" -msgstr "" +msgstr "有効化された Active Directory ドメイン" #: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory server address" @@ -684,76 +698,83 @@ msgid "Active Directory client hostname" msgstr "Active Directory クライアントホスト名" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "アクセス権限を決めるための LDAP フィルター" #: src/config/SSSDConfig/__init__.py.in:237 msgid "Whether to use the Global Catalog for lookups" -msgstr "" +msgstr "検索にグローバルカタログを使用するかどうか" #: src/config/SSSDConfig/__init__.py.in:238 msgid "Operation mode for GPO-based access control" -msgstr "" +msgstr "グローバルカタログベースのアクセス制御に対するオペレーションモード" #: src/config/SSSDConfig/__init__.py.in:239 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" -msgstr "" +msgstr "AD サーバーに対する GPO ポリシーファイルを検索している間の合計時間" #: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" +"GPO (Deny)InteractiveLogonRight のポリシー設定にマッピングした PAM サービス名" #: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" +"GPO (Deny)RemoteInteractiveLogonRight のポリシー設定にマッピングした PAM サー" +"ビス名" #: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" +"GPO (Deny)NetworkLogonRight のポリシー設定にマッピングした PAM サービス名" #: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" +"GPO (Deny)BatchLogonRight のポリシー設定にマッピングした PAM サービス名" #: src/config/SSSDConfig/__init__.py.in:244 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" +msgstr "(Deny)ServiceLogonRight のポリシー設定にマッピングした PAM サービス名" #: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always granted" -msgstr "" +msgstr "GPO ベースのアクセスが常に許可される PAM サービス名" #: src/config/SSSDConfig/__init__.py.in:246 msgid "PAM service names for which GPO-based access is always denied" -msgstr "" +msgstr "GPO ベースのアクセスが常に拒否される PAM サービス名" #: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" +"マッピングされていない PAM サービス名に使用するデフォルトのログオン権利 (また" +"は許可/拒否)" #: src/config/SSSDConfig/__init__.py.in:248 msgid "a particular site to be used by the client" -msgstr "" +msgstr "クライアントが使用する特定のサイト" #: src/config/SSSDConfig/__init__.py.in:249 msgid "" "Maximum age in days before the machine account password should be renewed" -msgstr "" +msgstr "マシンアカウントのパスワードの更新が必要となるまでの最大日数" #: src/config/SSSDConfig/__init__.py.in:250 msgid "Option for tuning the machine account renewal task" -msgstr "" +msgstr "マシンアカウントの更新タスクをチューニングするオプション" #: src/config/SSSDConfig/__init__.py.in:253 #: src/config/SSSDConfig/__init__.py.in:254 @@ -778,7 +799,7 @@ msgstr "kdcinfo ファイルを作成するかどうか" #: src/config/SSSDConfig/__init__.py.in:259 msgid "Where to drop krb5 config snippets" -msgstr "" +msgstr "krb5 設定スニペットを削除する場所" #: src/config/SSSDConfig/__init__.py.in:262 msgid "Directory to store credential caches" @@ -830,7 +851,7 @@ msgstr "エンタープライズ・プリンシパルの有効化" #: src/config/SSSDConfig/__init__.py.in:274 msgid "A mapping from user names to Kerberos principal names" -msgstr "" +msgstr "ユーザー名から Kerberos プリンシパル名までのマッピング" #: src/config/SSSDConfig/__init__.py.in:277 #: src/config/SSSDConfig/__init__.py.in:278 @@ -854,106 +875,111 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "LDAP サーバーにおいて使用中のスキーマ形式, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "パスワードの期限が切れました。いますぐパスワードを変更してください。" + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "デフォルトのバインド DN" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "デフォルトのバインド DN の認証トークンの種類" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "デフォルトのバインド DN の認証トークン" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "接続を試行する時間" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "LDAP 同期操作を試行する時間" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "オフラインの間に再接続を試行する時間" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "レルム名に対して大文字のみを使用する" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "CA 証明書を含むファイル" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "CA 証明書のディレクトリーのパス" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "クライアント証明書を含むファイル" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "クライアントの鍵を含むファイル" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "利用可能な暗号の一覧" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "TLS 証明書の検証を要求する" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "使用する SASL メカニズムを指定する" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "使用する SASL 認可 ID を指定する" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "使用する SASL 認可レルムを指定する" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "LDAP SASL 認可の最小 SSF を指定する" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Kerberos サービスのキーテーブル" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "LDAP 接続に対して Kerberos 認証を使用する" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "LDAP リフェラルにしたがう" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "LDAP 接続の TGT の有効期間" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "エイリアスを参照解決する方法" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "DNS サービス検索のサービス名" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "単一の LDAP 問い合わせにおいて取得するレコード数" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "完全な参照解決を引き起こすために欠けている必要があるメンバーの数" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -961,400 +987,400 @@ msgstr "" "LDAP ライブラリーが SASL バインド中にホスト名を正規化するために逆引きを実行す" "るかどうか" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "entryUSN 属性" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "lastUSN 属性" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "LDAP サーバーを切断する前に接続を保持する時間" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "LDAP ページング制御を無効化する" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "Active Directory 範囲の取得の無効化" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "検索要求を待つ時間" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "列挙の要求を待つ時間" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "列挙の更新間隔" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "キャッシュをクリーンアップする間隔" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "ID 検索に TLS を要求する" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "事前設定済み ID の代わりに objectSID の ID マッピングを使用します" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "ユーザー検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "ユーザー検索の範囲" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "ユーザー検索のフィルター" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "ユーザーのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "ユーザー名の属性" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "UID の属性" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "プライマリー GID の属性" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "GECOS の属性" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "ホームディレクトリの属性" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "シェルの属性" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" -msgstr "" +msgstr "UUID 属性" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "objectSID 属性" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "ID マッピングの Active Directory プライマリーグループ属性" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "ユーザープリンシパルの属性(Kerberos 用)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "氏名" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "memberOf 属性" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "変更日時の属性" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "shadowLastChange 属性" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "shadowMin 属性" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "shadowMax 属性" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "shadowWarning 属性" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "shadowInactive 属性" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "shadowExpire 属性" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "shadowFlag 属性" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "認可された PAM サービスを一覧化する属性" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "認可されたサーバーホストを一覧化する属性" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" -msgstr "" +msgstr "認可されたサーバー rhosts を一覧化する属性" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange 属性" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration 属性" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "サーバー側パスワードポリシーが有効であることを意味する属性" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "AD の accountExpires 属性" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "AD の userAccountControl 属性" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "nsAccountLock 属性" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "NDS の loginDisabled 属性" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "NDS の loginExpirationTime 属性" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "NDS の loginAllowedTimeMap 属性" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "SSH 公開鍵の属性" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" -msgstr "" +msgstr "ユーザー用に許可された認証タイプを一覧化する属性" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" -msgstr "" +msgstr "ユーザーの X509 証明書を含む属性" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" -msgstr "" +msgstr "ユーザーの電子メールアドレスを含む属性" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" -msgstr "" +msgstr "ユーザーエントリーと共にダウンロードする追加的な属性の一覧" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "グループ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "グループのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "グループ名" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "グループのパスワード" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "GID 属性" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "グループメンバー属性" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" -msgstr "" +msgstr "グループ UUID 属性" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "グループの変更日時の属性" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" -msgstr "" +msgstr "グループおよび他のフラグのタイプ" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" -msgstr "" +msgstr "LDAP グループの外部メンバーの属性" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" -msgstr "" +msgstr "SSSD が従う最大ネストレベル" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "ネットグループ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "ネットグループのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "ネットグループ名" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "ネットグループメンバーの属性" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "ネットグループの三つ組の属性" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "ネットグループの変更日時の属性" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "サービス検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "サービスのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "サービス名の属性" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "サービスポートの属性" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "サービスプロトコルの属性" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "ID マッピングの下限" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "ID マッピングの上限" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "ID マッピングするとき、各スライスに対する ID の数" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "ID マッピングに対する autorid 互換アルゴリズムを使用します" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "ID マッピングに対するデフォルトドメインの名前" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "ID マッピングに対するデフォルトドメインの SID" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" -msgstr "" +msgstr "セカンダリースライスの数" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" -msgstr "" +msgstr "Token-Group を使うかどうか" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "LDAP サーバーから許可される ID の下限の設定" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "LDAP サーバーから許可される ID の上限の設定" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" -msgstr "" +msgstr "ppolicy クエリーの DN" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" +msgstr "ワイルドカードの要求の間に取得する最大エントリーの数" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "パスワード失効の評価のポリシー" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "どの属性がアカウントが失効しているかを評価するために使用されるか" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "どのルールがアクセス制御を評価するために使用されるか" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "パスワードの変更が許可される LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "パスワードの変更が許可されるバックアップ LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "LDAP パスワードの変更サーバーの DNS サービス名" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "パスワード変更後 ldap_user_shadow_last_change 属性を更新するかどうか" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "sudo ルール検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "自動的な完全更新間隔" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "自動的なスマート更新間隔" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "ホスト名、IP アドレスおよびネットワークによるフィルタールールを使用するかどう" "か" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1362,335 +1388,345 @@ msgstr "" "sudo ルールをフィルターするこのマシンのホスト名および/または完全修飾ドメイン" "名" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "sudo ルールをフィルターするこのマシンの IPv4 または IPv6 アドレスまたはネット" "ワーク" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "ホスト属性にネットワークグループを含むルールを含めるかどうか" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "ホスト属性に正規表現を含むルールを含めるかどうか" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "sudo ルールのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "sudo ルール名" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "sudo ルールのコマンドの属性" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "sudo ルールのホストの属性" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "sudo ルールのユーザーの属性" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "sudo ルールのオプションの属性" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" -msgstr "" +msgstr "sudo ルールの runas の属性" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "sudo ルールの runasuser の属性" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "sudo ルールの runasgroup の属性" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "sudo ルールの notbefore の属性" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "sudo ルールの notafter の属性" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "sudo ルールの order の属性" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "automounter マップのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "オートマウントのマップ名の属性" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "automounter マップエントリーのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "automounter マップエントリーのキー属性" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "automounter マップエントリーの値属性" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "automonter のマップ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "許可ユーザーのカンマ区切り一覧" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "禁止ユーザーのカンマ区切り一覧" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "デフォルトのシェル, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "ホームディレクトリーのベース" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." -msgstr "" +msgstr "事前にフォークされた子プロキシの数" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "使用する NSS ライブラリーの名前" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "可能ならばキャッシュから正規化されたグループ名を検索するかどうか" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "使用する PAM スタック" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." -msgstr "" +msgstr "passwd ファイルソースへのパス" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." -msgstr "" +msgstr "グループファイルソースへのパス" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "デーモンとして実行(デフォルト)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "対話的に実行(デーモンではない)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" -msgstr "" +msgstr "netlink インターフェースを無効にする" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "非標準の設定ファイルの指定" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" -msgstr "" +msgstr "設定データベースをリフレッシュし、その後終了します" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" -msgstr "" +msgstr "--genconf と似ていますが、任意のセクションのみをリフレッシュします" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "バージョン番号を表示して終了する" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" -msgstr "" +msgstr "SSSD はすでに実行中です\n" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "デバッグレベル" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "デバッグのタイムスタンプを追加する" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "タイムスタンプをミリ秒単位で表示する" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "デバッグログのオープンファイルディスクリプター" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." -msgstr "" +msgstr "デバッグ出力を stderr に直接送信します。" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" -msgstr "" +msgstr "次のように FAST ccache を作成するユーザー" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" -msgstr "" +msgstr "次のように FAST ccache を作成するグループ" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" -msgstr "" +msgstr "使用する Kerberos レルム" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" -msgstr "" +msgstr "チケットの要求された有効期間" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" -msgstr "" +msgstr "チケットの要求された更新可能な有効期間" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" -msgstr "" +msgstr "FAST のオプション ('never'、'try'、'demand')" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" -msgstr "" +msgstr "FAST で使用するサーバープリンシパルを指定します" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" -msgstr "" +msgstr "プリンシパル名の正規化を要求します" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" -msgstr "" +msgstr "krb5_get_init_creds_password のカスタムバージョンを使用します" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "情報プロバイダーのドメイン (必須)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "特権ソケットの所有者またはパーミッションが誤っています。" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "公開ソケットの所有者またはパーミッションが誤っています。" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "サーバーのクレディンシャルメッセージの予期しない形式です。" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD は root により実行されません。" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "エラーが発生しましたが、説明がありませんでした。" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "エラーの説明を検索中に予期しないエラーが発生しました" #: src/sss_client/pam_sss.c:67 msgid "Permission denied. " -msgstr "" +msgstr "パーミッションが拒否されました。" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "サーバーのメッセージ: " -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "パスワードが一致しません" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "root によるパスワードのリセットはサポートされません。" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "キャッシュされているクレディンシャルを用いて認証されました" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr "、キャッシュされたパスワードが失効します: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "パスワードの期限が切れています。あと %1$d 回ログインできます。" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "あなたのパスワードは %1$d %2$s に期限切れになります。" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "次まで認証が拒否されます: " -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "システムがオフラインです、パスワード変更ができません" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" +"OTP パスワードの変更後、チケットを取得するためにログアウト後に再びログインす" +"る必要があります" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "パスワードの変更に失敗しました。 " -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "新しいパスワード: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "新しいパスワードの再入力: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " -msgstr "" +msgstr "1 番目の要素: " -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " -msgstr "" +msgstr "2 番目の要素 (オプション): " -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " -msgstr "" +msgstr "2 番目の要素: " -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "パスワード: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " -msgstr "" +msgstr "1 番目の要素 (現在のパスワード): " -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "現在のパスワード: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "パスワードの期限が切れました。いますぐパスワードを変更してください。" @@ -1699,7 +1735,7 @@ msgstr "パスワードの期限が切れました。いますぐパスワード #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "実行するデバッグレベル" @@ -1712,7 +1748,7 @@ msgstr "使用する SSSD ドメイン" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "ロケールの設定中にエラーが発生しました\n" @@ -1734,7 +1770,7 @@ msgstr "ホストへの接続に使用するポート" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:210 msgid "Print the host ssh public keys" -msgstr "" +msgstr "ホスト SSH 公開鍵を印刷" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:252 msgid "Invalid port\n" @@ -1746,7 +1782,12 @@ msgstr "ホストが指定されていません\n" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:263 msgid "The path to the proxy command must be absolute\n" -msgstr "プロキシーコマンドへのパスは絶対パスにする必要があります\n" +msgstr "プロキシコマンドへのパスは絶対パスにする必要があります\n" + +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" @@ -2131,22 +2172,24 @@ msgstr "アカウントをロック解除する" #: src/tools/sss_usermod.c:57 msgid "Add an attribute/value pair. The format is attrname=value." -msgstr "" +msgstr "属性/値のペアを追加します。フォーマットは attrname=value です。" #: src/tools/sss_usermod.c:58 msgid "Delete an attribute/value pair. The format is attrname=value." -msgstr "" +msgstr "属性/値のペアを削除します。フォーマットは attrname=value です。" #: src/tools/sss_usermod.c:59 msgid "" "Set an attribute to a name/value pair. The format is attrname=value. For " "multi-valued attributes, the command replaces the values already present" msgstr "" +"名前/値のペアに属性を指定します。形式は attrname=value です。複数の値を持つ属" +"性の場合、コマンドがすでに存在する値に置き換えられます。" #: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 #: src/tools/sss_usermod.c:135 msgid "Specify the attribute name/value pair(s)\n" -msgstr "" +msgstr "属性の名前/値のペアを指定します\n" #: src/tools/sss_usermod.c:152 msgid "Specify user to modify\n" @@ -2174,95 +2217,97 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "トランザクションエラー。ユーザーを変更できませんでした。\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "指定された検索に一致するキャッシュオブジェクトがありません\n" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" -msgstr "" +msgstr "%1$s を無効化できませんでした\n" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" -msgstr "" +msgstr "%1$s %2$s を無効化できませんでした\n" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" -msgstr "" +msgstr "すべてのキャッシュエントリーを無効化します" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "特定のユーザーを無効にする" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "すべてのユーザーを無効にする" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "特定のグループを無効にする" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "すべてのグループを無効にする" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "特定のネットワークグループを無効にする" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "すべてのネットワークグループを無効にする" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "特定のサービスの無効化" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "すべてのサービスの無効化" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "特定の autofs マップの無効化" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "すべての autofs マップの無効化" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" -msgstr "" +msgstr "特定の SSH ホストを無効化します" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" -msgstr "" +msgstr "すべての SSH ホストを無効化します" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" -msgstr "" +msgstr "特定の sudo ルールを無効化します" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" -msgstr "" +msgstr "すべてのキャッシュ sudo ルールを無効化します" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "特定のドメインのみからエントリーを無効にする" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" +"予期しない引数が提供される場合、1 つのオブジェクトを無効化するオプションは、" +"提供された引数を 1 つだけ受け取ります。\n" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "無効化するオブジェクトを少なくとも一つ選択してください\n" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2271,7 +2316,7 @@ msgstr "" "ドメイン %1$s を開けませんでした。ドメインがサブドメイン (信頼済みドメイン) " "であれば、--domain/-d パラメーターの代わりに完全修飾名を使用してください。\n" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "利用可能なドメインを開けませんでした\n" @@ -2292,106 +2337,107 @@ msgstr "%1$s は root として実行する必要があります\n" #: src/tools/sssctl/sssctl.c:35 msgid "yes" -msgstr "" +msgstr "はい" #: src/tools/sssctl/sssctl.c:37 msgid "no" -msgstr "" +msgstr "いいえ" #: src/tools/sssctl/sssctl.c:39 msgid "error" -msgstr "" +msgstr "エラー" #: src/tools/sssctl/sssctl.c:42 msgid "Invalid result." -msgstr "" +msgstr "無効な結果。" #: src/tools/sssctl/sssctl.c:78 #, c-format msgid "Unable to read user input\n" -msgstr "" +msgstr "ユーザーインプットの読み込みができませんでした\n" #: src/tools/sssctl/sssctl.c:91 #, c-format msgid "Invalid input, please provide either '%s' or '%s'.\n" msgstr "" +"無効なインプットです。'%s' または '%s' のいずれかを提供してください。\n" #: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 #, c-format msgid "Error while executing external command\n" -msgstr "" +msgstr "外部のコマンドを実行中にエラーが発生しました\n" #: src/tools/sssctl/sssctl.c:156 msgid "SSSD needs to be running. Start SSSD now?" -msgstr "" +msgstr "SSSD を実行する必要があります。SSSD をすぐに実行しますか?" #: src/tools/sssctl/sssctl.c:195 msgid "SSSD must not be running. Stop SSSD now?" -msgstr "" +msgstr "SSSD を実行してはいけません。SSSD を今、停止しますか?" #: src/tools/sssctl/sssctl.c:231 msgid "SSSD needs to be restarted. Restart SSSD now?" -msgstr "" +msgstr "SSSD は再起動が必要です。SSSD を今、再起動しますか?" #: src/tools/sssctl/sssctl_cache.c:31 #, c-format msgid " %s is not present in cache.\n" -msgstr "" +msgstr " %s はキャッシュにありません\n" #: src/tools/sssctl/sssctl_cache.c:33 msgid "Name" -msgstr "" +msgstr "名前" #: src/tools/sssctl/sssctl_cache.c:34 msgid "Cache entry creation date" -msgstr "" +msgstr "キャッシュエントリーの作成日" #: src/tools/sssctl/sssctl_cache.c:35 msgid "Cache entry last update time" -msgstr "" +msgstr "キャッシュエントリーが最後に更新された時間" #: src/tools/sssctl/sssctl_cache.c:36 msgid "Cache entry expiration time" -msgstr "" +msgstr "キャッシュエントリーの期限切れ時間" #: src/tools/sssctl/sssctl_cache.c:37 msgid "Cached in InfoPipe" -msgstr "" +msgstr "InfoPipe にキャッシュ" #: src/tools/sssctl/sssctl_cache.c:522 #, c-format msgid "Error: Unable to get object [%d]: %s\n" -msgstr "" +msgstr "エラー: オブジェクト [%d] を取得できません: %s\n" #: src/tools/sssctl/sssctl_cache.c:538 #, c-format msgid "%s: Unable to read value [%d]: %s\n" -msgstr "" +msgstr "%s: 値 [%d] の読み込みができません: %s\n" #: src/tools/sssctl/sssctl_cache.c:566 msgid "Specify name." -msgstr "" +msgstr "名前を指定します。" #: src/tools/sssctl/sssctl_cache.c:576 #, c-format msgid "Unable to parse name %s.\n" -msgstr "" +msgstr "名前 %s を構文解析できません。\n" #: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 msgid "Search by SID" -msgstr "" +msgstr "SID で検索" #: src/tools/sssctl/sssctl_cache.c:603 msgid "Search by user ID" -msgstr "" +msgstr "ユーザーID で検索" #: src/tools/sssctl/sssctl_cache.c:612 msgid "Initgroups expiration time" -msgstr "" +msgstr "Initgroups の期限切れ時間" #: src/tools/sssctl/sssctl_cache.c:650 msgid "Search by group ID" -msgstr "" +msgstr "グループ ID で検索" #: src/tools/sssctl/sssctl_config.c:67 #, c-format @@ -2399,178 +2445,186 @@ msgid "" "File %1$s does not exist. SSSD will use default configuration with files " "provider.\n" msgstr "" +"ファイル %1$s は存在しません。SSSD は、ファイルプロバイダーでデフォルトの設定" +"を使用します。\n" #: src/tools/sssctl/sssctl_config.c:81 #, c-format msgid "" "File ownership and permissions check failed. Expected root:root and 0600.\n" msgstr "" +"ファイルの所有権とパーミッションの確認に失敗しました。予期される root:root お" +"よび 0600。\n" #: src/tools/sssctl/sssctl_config.c:104 #, c-format msgid "Issues identified by validators: %zu\n" -msgstr "" +msgstr "バリデーターで特定された問題: %zu\n" #: src/tools/sssctl/sssctl_config.c:114 #, c-format msgid "Messages generated during configuration merging: %zu\n" -msgstr "" +msgstr "設定のマージ中に生成されたメッセージ: %zu\n" #: src/tools/sssctl/sssctl_config.c:127 #, c-format msgid "Used configuration snippet files: %u\n" -msgstr "" +msgstr "設定スニペットファイルを使用: %u\n" #: src/tools/sssctl/sssctl_data.c:89 #, c-format msgid "Unable to create backup directory [%d]: %s" -msgstr "" +msgstr "バックアップディレクトリー [%d] の作成に失敗: %s" #: src/tools/sssctl/sssctl_data.c:95 msgid "SSSD backup of local data already exists, override?" msgstr "" +"ローカルデータの SSSD バックアップはすでに存在しますが、上書きしますか?" #: src/tools/sssctl/sssctl_data.c:111 #, c-format msgid "Unable to export user overrides\n" -msgstr "" +msgstr "ユーザーの上書きをエクスポートできません\n" #: src/tools/sssctl/sssctl_data.c:118 #, c-format msgid "Unable to export group overrides\n" -msgstr "" +msgstr "グループの上書きをエクスポートできません\n" #: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 msgid "Override existing backup" -msgstr "" +msgstr "既存のバックアップを上書き" #: src/tools/sssctl/sssctl_data.c:164 #, c-format msgid "Unable to import user overrides\n" -msgstr "" +msgstr "ユーザーの上書きをインポートできません\n" #: src/tools/sssctl/sssctl_data.c:173 #, c-format msgid "Unable to import group overrides\n" -msgstr "" +msgstr "グループの上書きをインポートできません\n" #: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 #: src/tools/sssctl/sssctl_domains.c:315 msgid "Start SSSD if it is not running" -msgstr "" +msgstr "実行中でない場合、SSSD を開始します" #: src/tools/sssctl/sssctl_data.c:195 msgid "Restart SSSD after data import" -msgstr "" +msgstr "データのインポートの後、SSSD を再起動します" #: src/tools/sssctl/sssctl_data.c:218 msgid "Create clean cache files and import local data" -msgstr "" +msgstr "クリーンなキャッシュファイルを作成し、ローカルデータをインポートします" #: src/tools/sssctl/sssctl_data.c:219 msgid "Stop SSSD before removing the cache" -msgstr "" +msgstr "キャッシュを削除する前に SSSD を停止します" #: src/tools/sssctl/sssctl_data.c:220 msgid "Start SSSD when the cache is removed" -msgstr "" +msgstr "キャッシュの削除後に SSSD を開始します" #: src/tools/sssctl/sssctl_data.c:235 #, c-format msgid "Creating backup of local data...\n" -msgstr "" +msgstr "ローカルデータのバックアップを作成中...\n" #: src/tools/sssctl/sssctl_data.c:238 #, c-format msgid "Unable to create backup of local data, can not remove the cache.\n" msgstr "" +"ローカルデータのバックアップの作成ができません。キャッシュを削除できませ" +"ん。\n" #: src/tools/sssctl/sssctl_data.c:243 #, c-format msgid "Removing cache files...\n" -msgstr "" +msgstr "キャッシュファイルの削除中...\n" #: src/tools/sssctl/sssctl_data.c:246 #, c-format msgid "Unable to remove cache files\n" -msgstr "" +msgstr "キャッシュファイルを削除できません\n" #: src/tools/sssctl/sssctl_data.c:251 #, c-format msgid "Restoring local data...\n" -msgstr "" +msgstr "ローカルデータの復元中...\n" #: src/tools/sssctl/sssctl_domains.c:83 msgid "Show domain list including primary or trusted domain type" msgstr "" +"プライマリーまたは信頼されたドメインタイプを含むドメインリストを表示します" #: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:354 #: src/tools/sssctl/sssctl_user_checks.c:95 #, c-format msgid "Unable to connect to system bus!\n" -msgstr "" +msgstr "システムバスに接続できません!\n" #: src/tools/sssctl/sssctl_domains.c:167 #, c-format msgid "Online status: %s\n" -msgstr "" +msgstr "オンライン状態: %s\n" #: src/tools/sssctl/sssctl_domains.c:167 msgid "Online" -msgstr "" +msgstr "オンライン" #: src/tools/sssctl/sssctl_domains.c:167 msgid "Offline" -msgstr "" +msgstr "オフライン" #: src/tools/sssctl/sssctl_domains.c:212 #, c-format msgid "Active servers:\n" -msgstr "" +msgstr "アクティブサーバー:\n" #: src/tools/sssctl/sssctl_domains.c:223 msgid "not connected" -msgstr "" +msgstr "接続していません" #: src/tools/sssctl/sssctl_domains.c:260 #, c-format msgid "Discovered %s servers:\n" -msgstr "" +msgstr "%s サーバーを発見:\n" #: src/tools/sssctl/sssctl_domains.c:272 msgid "None so far.\n" -msgstr "" +msgstr "今のところありません。\n" #: src/tools/sssctl/sssctl_domains.c:312 msgid "Show online status" -msgstr "" +msgstr "オンライン状態を表示" #: src/tools/sssctl/sssctl_domains.c:313 msgid "Show information about active server" -msgstr "" +msgstr "アクティブサーバーに関する情報の表示" #: src/tools/sssctl/sssctl_domains.c:314 msgid "Show list of discovered servers" -msgstr "" +msgstr "発見されたサーバーに関する一覧を表示" #: src/tools/sssctl/sssctl_domains.c:320 msgid "Specify domain name." -msgstr "" +msgstr "ドメイン名を指定します。" #: src/tools/sssctl/sssctl_domains.c:342 #, c-format msgid "Out of memory!\n" -msgstr "" +msgstr "メモリの空き容量がありません。\n" #: src/tools/sssctl/sssctl_domains.c:362 src/tools/sssctl/sssctl_domains.c:372 #, c-format msgid "Unable to get online status\n" -msgstr "" +msgstr "オンライン状態を取得できません\n" #: src/tools/sssctl/sssctl_domains.c:382 #, c-format msgid "Unable to get server list\n" -msgstr "" +msgstr "サーバー一覧を取得できません\n" #: src/tools/sssctl/sssctl_logs.c:47 msgid "\n" @@ -2578,101 +2632,101 @@ msgstr "\n" #: src/tools/sssctl/sssctl_logs.c:237 msgid "Delete log files instead of truncating" -msgstr "" +msgstr "切り捨てる代わりにログファイルを削除します" #: src/tools/sssctl/sssctl_logs.c:248 #, c-format msgid "Deleting log files...\n" -msgstr "" +msgstr "ログファイルを削除中...\n" #: src/tools/sssctl/sssctl_logs.c:251 #, c-format msgid "Unable to remove log files\n" -msgstr "" +msgstr "ログファイルを削除できません\n" #: src/tools/sssctl/sssctl_logs.c:257 #, c-format msgid "Truncating log files...\n" -msgstr "" +msgstr "ログファイルを切り捨てます...\n" #: src/tools/sssctl/sssctl_logs.c:260 #, c-format msgid "Unable to truncate log files\n" -msgstr "" +msgstr "ログファイルの切り捨てができません\n" #: src/tools/sssctl/sssctl_logs.c:286 #, c-format msgid "Out of memory!" -msgstr "" +msgstr "メモリの空き容量がありません。" #: src/tools/sssctl/sssctl_logs.c:289 #, c-format msgid "Archiving log files into %s...\n" -msgstr "" +msgstr "ログファイルを %s へアーカイブ...\n" #: src/tools/sssctl/sssctl_logs.c:292 #, c-format msgid "Unable to archive log files\n" -msgstr "" +msgstr "ログファイルのアーカイブができません\n" #: src/tools/sssctl/sssctl_logs.c:317 msgid "Specify debug level you want to set" -msgstr "" +msgstr "設定したいデバッグレベルを指定します" #: src/tools/sssctl/sssctl_user_checks.c:117 #, c-format msgid "SSSD InfoPipe user lookup result:\n" -msgstr "" +msgstr "SSSD InfoPipe ユーザー検索の結果:\n" #: src/tools/sssctl/sssctl_user_checks.c:167 #, c-format msgid "dlopen failed with [%s].\n" -msgstr "" +msgstr "dlopen は [%s] で失敗しました。\n" #: src/tools/sssctl/sssctl_user_checks.c:174 #, c-format msgid "dlsym failed with [%s].\n" -msgstr "" +msgstr "dlsym は [%s] で失敗しました。\n" #: src/tools/sssctl/sssctl_user_checks.c:182 #, c-format msgid "malloc failed.\n" -msgstr "" +msgstr "malloc は失敗しました。\n" #: src/tools/sssctl/sssctl_user_checks.c:189 #, c-format msgid "sss_getpwnam_r failed with [%d].\n" -msgstr "" +msgstr "sss_getpwnam_r が [%d] で失敗しました。\n" #: src/tools/sssctl/sssctl_user_checks.c:194 #, c-format msgid "SSSD nss user lookup result:\n" -msgstr "" +msgstr "SSSD nss ユーザー検索の結果:\n" #: src/tools/sssctl/sssctl_user_checks.c:195 #, c-format msgid " - user name: %s\n" -msgstr "" +msgstr " - user name: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:196 #, c-format msgid " - user id: %d\n" -msgstr "" +msgstr " - user id: %d\n" #: src/tools/sssctl/sssctl_user_checks.c:197 #, c-format msgid " - group id: %d\n" -msgstr "" +msgstr " - group id: %d\n" #: src/tools/sssctl/sssctl_user_checks.c:198 #, c-format msgid " - gecos: %s\n" -msgstr "" +msgstr " - gecos: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:199 #, c-format msgid " - home directory: %s\n" -msgstr "" +msgstr " - home directory: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:200 #, c-format @@ -2680,18 +2734,20 @@ msgid "" " - shell: %s\n" "\n" msgstr "" +" - shell: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:232 msgid "PAM action [auth|acct|setc|chau|open|clos], default: " -msgstr "" +msgstr "PAM アクション [auth|acct|setc|chau|open|clos]、デフォルト: " #: src/tools/sssctl/sssctl_user_checks.c:235 msgid "PAM service, default: " -msgstr "" +msgstr "PAM サービス、デフォルト: " #: src/tools/sssctl/sssctl_user_checks.c:240 msgid "Specify user name." -msgstr "" +msgstr "ユーザー名を指定します。" #: src/tools/sssctl/sssctl_user_checks.c:247 #, c-format @@ -2701,21 +2757,25 @@ msgid "" "service: %s\n" "\n" msgstr "" +"ユーザー: %s\n" +"アクション: %s\n" +"サービス: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:253 #, c-format msgid "User name lookup with [%s] failed.\n" -msgstr "" +msgstr "[%s] でのユーザー名の検索に失敗しました。\n" #: src/tools/sssctl/sssctl_user_checks.c:258 #, c-format msgid "InfoPipe User lookup with [%s] failed.\n" -msgstr "" +msgstr "[%s] での InfoPipe ユーザーの検索に失敗しました。\n" #: src/tools/sssctl/sssctl_user_checks.c:265 #, c-format msgid "pam_start failed: %s\n" -msgstr "" +msgstr "pam_start に失敗しました: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:270 #, c-format @@ -2723,11 +2783,13 @@ msgid "" "testing pam_authenticate\n" "\n" msgstr "" +"pam_authenticate のテスト中\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:274 #, c-format msgid "pam_get_item failed: %s\n" -msgstr "" +msgstr "pam_get_item に失敗しました: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:278 #, c-format @@ -2735,6 +2797,8 @@ msgid "" "pam_authenticate for user [%s]: %s\n" "\n" msgstr "" +"ユーザー [%s] 向けの pam_authenticate: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:281 #, c-format @@ -2742,6 +2806,8 @@ msgid "" "testing pam_chauthtok\n" "\n" msgstr "" +"pam_chauthtok のテスト中\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:283 #, c-format @@ -2749,13 +2815,15 @@ msgid "" "pam_chauthtok: %s\n" "\n" msgstr "" +"pam_chauthtok: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:285 #, c-format msgid "" "testing pam_acct_mgmt\n" "\n" -msgstr "" +msgstr "pam_acct_mgmt のテスト中\n" #: src/tools/sssctl/sssctl_user_checks.c:287 #, c-format @@ -2763,6 +2831,8 @@ msgid "" "pam_acct_mgmt: %s\n" "\n" msgstr "" +"pam_acct_mgmt: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:289 #, c-format @@ -2770,6 +2840,8 @@ msgid "" "testing pam_setcred\n" "\n" msgstr "" +"pam_setcred のテスト中\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:291 #, c-format @@ -2777,13 +2849,15 @@ msgid "" "pam_setcred: [%s]\n" "\n" msgstr "" +"pam_setcred: [%s]\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:293 #, c-format msgid "" "testing pam_open_session\n" "\n" -msgstr "" +msgstr "pam_open_session のテスト中\n" #: src/tools/sssctl/sssctl_user_checks.c:295 #, c-format @@ -2791,13 +2865,15 @@ msgid "" "pam_open_session: %s\n" "\n" msgstr "" +"pam_open_session: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:297 #, c-format msgid "" "testing pam_close_session\n" "\n" -msgstr "" +msgstr "pam_close_session のテスト中\n" #: src/tools/sssctl/sssctl_user_checks.c:299 #, c-format @@ -2805,43 +2881,36 @@ msgid "" "pam_close_session: %s\n" "\n" msgstr "" +"pam_close_session: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:302 #, c-format msgid "unknown action\n" -msgstr "" +msgstr "不明なアクション\n" #: src/tools/sssctl/sssctl_user_checks.c:305 #, c-format msgid "PAM Environment:\n" -msgstr "" +msgstr "PAM 環境:\n" #: src/tools/sssctl/sssctl_user_checks.c:313 #, c-format msgid " - no env -\n" -msgstr "" +msgstr " - no env -\n" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" -msgstr "" +msgstr "次のようにサーバーを実行するユーザー ID" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" -msgstr "" +msgstr "次のようにサーバーを実行するグループ ID" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" -msgstr "" +msgstr "レスポンダーがソケットでアクティベートされたと知らせます" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" -msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "パスワードハッシュを保存する" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -#~ msgstr "グループ検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -#~ msgstr "初期グループの検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します" +msgstr "レスポンダーが dbus でアクティベートされたと知らせます" diff --git a/po/nb.po b/po/nb.po index 1092e46ee4a..0c666ed93e4 100644 --- a/po/nb.po +++ b/po/nb.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:46+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Norwegian Bokmål (http://www.transifex.com/projects/p/sssd/" @@ -675,7 +675,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -845,746 +845,758 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" #: src/config/SSSDConfig/__init__.py.in:285 -msgid "The default bind DN" +msgid "Mode used to change user password" msgstr "" #: src/config/SSSDConfig/__init__.py.in:286 -msgid "The type of the authentication token of the default bind DN" +msgid "The default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:287 -msgid "The authentication token of the default bind DN" +msgid "The type of the authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:288 -msgid "Length of time to attempt connection" +msgid "The authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:289 -msgid "Length of time to attempt synchronous LDAP operations" +msgid "Length of time to attempt connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:290 -msgid "Length of time between attempts to reconnect while offline" +msgid "Length of time to attempt synchronous LDAP operations" msgstr "" #: src/config/SSSDConfig/__init__.py.in:291 -msgid "Use only the upper case for realm names" +msgid "Length of time between attempts to reconnect while offline" msgstr "" #: src/config/SSSDConfig/__init__.py.in:292 -msgid "File that contains CA certificates" +msgid "Use only the upper case for realm names" msgstr "" #: src/config/SSSDConfig/__init__.py.in:293 -msgid "Path to CA certificate directory" +msgid "File that contains CA certificates" msgstr "" #: src/config/SSSDConfig/__init__.py.in:294 -msgid "File that contains the client certificate" +msgid "Path to CA certificate directory" msgstr "" #: src/config/SSSDConfig/__init__.py.in:295 -msgid "File that contains the client key" +msgid "File that contains the client certificate" msgstr "" #: src/config/SSSDConfig/__init__.py.in:296 -msgid "List of possible ciphers suites" +msgid "File that contains the client key" msgstr "" #: src/config/SSSDConfig/__init__.py.in:297 -msgid "Require TLS certificate verification" +msgid "List of possible ciphers suites" msgstr "" #: src/config/SSSDConfig/__init__.py.in:298 -msgid "Specify the sasl mechanism to use" +msgid "Require TLS certificate verification" msgstr "" #: src/config/SSSDConfig/__init__.py.in:299 -msgid "Specify the sasl authorization id to use" +msgid "Specify the sasl mechanism to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:300 -msgid "Specify the sasl authorization realm to use" +msgid "Specify the sasl authorization id to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:301 -msgid "Specify the minimal SSF for LDAP sasl authorization" +msgid "Specify the sasl authorization realm to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:302 -msgid "Kerberos service keytab" +msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" #: src/config/SSSDConfig/__init__.py.in:303 -msgid "Use Kerberos auth for LDAP connection" +msgid "Kerberos service keytab" msgstr "" #: src/config/SSSDConfig/__init__.py.in:304 -msgid "Follow LDAP referrals" +msgid "Use Kerberos auth for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:305 -msgid "Lifetime of TGT for LDAP connection" +msgid "Follow LDAP referrals" msgstr "" #: src/config/SSSDConfig/__init__.py.in:306 -msgid "How to dereference aliases" +msgid "Lifetime of TGT for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:307 -msgid "Service name for DNS service lookups" +msgid "How to dereference aliases" msgstr "" #: src/config/SSSDConfig/__init__.py.in:308 -msgid "The number of records to retrieve in a single LDAP query" +msgid "Service name for DNS service lookups" msgstr "" #: src/config/SSSDConfig/__init__.py.in:309 -msgid "The number of members that must be missing to trigger a full deref" +msgid "The number of records to retrieve in a single LDAP query" msgstr "" #: src/config/SSSDConfig/__init__.py.in:310 +msgid "The number of members that must be missing to trigger a full deref" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1592,88 +1604,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "" @@ -1682,7 +1694,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1695,7 +1707,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1731,6 +1743,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "" @@ -2129,102 +2146,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2773,18 +2790,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/po/nl.po b/po/nl.po index 8d9b6b9bc56..d5d187e0d4b 100644 --- a/po/nl.po +++ b/po/nl.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:47+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -283,9 +283,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Tijd om te wachten op een zoekopdracht" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -721,7 +720,7 @@ msgid "Active Directory client hostname" msgstr "Active Directory cliënt hostnaam" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "LDAP-filter om toegangsprivileges mee te bepalen" @@ -894,111 +893,116 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Het schema type wat gebruikt wordt op de LDAP server, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "De standaard bind DN" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "Het type authenticatietoken van de standaard bind DN" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "Het authenticatietoken van de standaard bind DN" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Hoe lang pogen te verbinden" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Hoe lang proberen synchroon LDAP te benaderen" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Duur tussen pogingen om de verbinding opnieuw tot stand te brengen tijdens " "offline zijn" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "Gebruik alleen hoofdletters voor gebiedsnamen" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Bestand dat de bekende CA-certificaten bevat" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Pad naar de CA-certificatenmap" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "Bestand dat het client certificaat bevat" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "Bestand dat de client sleutel bevat" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "Lijst van mogelijke sleutel suites" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Vereis verificatie van het TLS-certificaat" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Geef het SASL-mechanisme op wat gebruikt moet worden" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Geef het SASL-authorisatie-ID op wat gebruikt moet worden" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "Specificeer het te gebruiken sasl autorisatiegebied " -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Specificeer de minimale SSF voor LDAP sasl autorisatie" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Kerberos service keytab" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Gebruik Kerberos authenticatie voor LDAP-connectie" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Volg LDAP-doorverwijzingen" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Levensduur van TGT voor LDAP-connectie" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "Hoe moet de alias referentie verwijderd worden" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "Service naam voor DNS service opzoeken" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "" "Het aantal records dat opgehaald moet worden met een enkele LDAP bevraging" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Het aantal leden van moet ontbreken om een volledige de-referentie te " "veroorzaken" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1006,382 +1010,382 @@ msgstr "" "Moet de LDAP bibliotheek omgekeerd opzoeken uitvoeren om de hostnaam te " "autoriseren tijdens een SASL binding" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "entryUSN attribuut" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "lastUSN attribuut" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Hoe lang een verbinding met de LDAP server gebouden moet blijven voordat het " "losgekoppeld wordt" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "Het LDAP paging besturingselement uitschakelen" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "Zet Active Directory bereik opvragen uit" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Tijd om te wachten op een zoekopdracht" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "Tijdsduur te wachten voor een opsommingsverzoek" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Tijd om te wachten tussen enumeratie-updates" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "Tijdsduur tussen cache opschoningen" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Vereis TLS voor het opzoeken van ID's" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "Gebruik ID-mapping van objectSID gebruiken in plaats van pre-set ID's" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "Base DN voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Scope voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filter voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Objectclass voor gebruikers" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Username-attribuut" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "UID-attribuut" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Primair GID-attribuut" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "GECOS-attribuut" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Gebruikersmap-attribuut" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Shell-attribuut" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "objectSID attribuut" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Active Directory primaire groep attribuut voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Userprincipal-attribuut (voor Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Volledige naam" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "memberOf-attribuut" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Modification time-attribuut" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "shadowLastChange attribuut" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "shadowMin attribuut" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "shadowMax attribuut" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "shadowWarning attribuut" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "shadowInactive attribuut" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "shadowExpire attribuut" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "shadowFlag attribuut" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "Attribuut voor tonen van geautoriseerde PAM services" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "Attribuut dat geautoriseerde server hosts toont" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange attribuut" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration attribuut" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "Attribuut welke aangeeft dat wachtwoordtactiek op de server actief is" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "accountExpires attribuut van AD" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "userAccountControl attribuut van AD" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "nsAccountLock attribuut" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled attribuut van NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime attribuut van NDS" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap attribuut van NDS" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "SSH publieke sleutel attribuut" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "Basis DN voor groep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "Objectklasse voor groepen" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Groepsnaam" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Groep wachtwoord" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "GID attribuut" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "Groep deelnemer attribuut" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "Verandertijd attribuut voor groepen" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "Basis DN voor netgroep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "Objectklasse voor netgroepen" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "Netgroep naam" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "Netgroep leden attribuut" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "Netgroep triple attibuut" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "Verandertijd attribuut voor netgroepen" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "Basis DN voor service lookups" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "Objectclass voor services" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "Service naam attribuut" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "Service port attribuut" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "Service protocol attribuut" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "Ondergrens voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "Bovengrens voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "Aantal ID's voor elk segment bij ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Gebruik autorid-compatibel algoritme voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "Naam van het standaard domein voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "SID van het standaard domein voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Laagste grens instellen voor toegestane id's van de LDAP-server" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Hoogste grens instellen voor toegestane id's van de LDAP-server" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Policy om wacthwoordverloop mee te evalueren" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Welke attributen worden gebruikt voor evaluatie als het account verlopen is" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" "Welke regels moeten gebruikt worden voor de evaluatie van toegangscontrole" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" "URI van een LDAP server waarop wachtwoord veranderingen toegestaan zijn" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI van een back-up LDAP server waar wachtwoord veranderingen toegestaan zijn" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "DNS service naam voor LDAP wachtwoord verander server" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1389,23 +1393,23 @@ msgstr "" "Moet het ldap_user_shadow_last_change attribuut vernieuwd worden na een " "wachtwoordwijziging" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "Basis DN voor sudo regels lookups" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "Automatische volledige ververs periode" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "Automatische slimme ververs periode" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Moeten regels gefilterd worden volgens hostnaam, IP adres en netwerk" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1413,250 +1417,258 @@ msgstr "" "Hostnamen en/of volledig gekwalificeerde domeinnamen van deze machine voor " "het filteren van sudo regels" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4 of IPv6 adressen of netwerk van deze machine voor het filteren van sudo " "regels" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Moeten regels toegevoegd worden die netgroep bevatten in host attribuut " -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Moeten regels toegevoegd worden die regulaire expressie bevatten in host " "attribuut " -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "Objectklasse voor sudo regels" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "Sudo regelnaam" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "Sudo regel opdracht attribuut" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "Sudo regel host attribuut" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "Sudo regel gebruiker attribuut" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "Sudo regel optie attribuut" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "Sudo regel runasuser attribuut" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "Sudo regel runasgroup attribuut" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "Sudo regel notbefore attribuut" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "Sudo regel notafter attribuut" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "Sudo regel volgorde attribuut" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "Object class voor automounter maps" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "Automounter map naam attribuut" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "Objectklasse voor automounter map ingaven" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "Automounter map sleutel ingave attribuut" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "Automounter map ingavewaarde attribuut" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "Basis DN voor automounter kaart opzoeken" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Kommagescheiden lijst van toegestane gebruikers" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Kommagescheiden lijst van geweigerde gebruikers" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Standaard shell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Basis voor gebruikersmappen" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "De naam van de NSS-bibliotheek die gebruikt wordt" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "Moet indien mogelijk canonieke groepsnaam in cache opgezocht worden " -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "PAM-stack die gebruikt wordt" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Start in de achtergrond (standaard)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Start interactief (standaard)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Geef een niet-standaard configuratiebestand op" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "Print versie nummer en sluit af" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Debug niveau" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Voeg tijdstempels toe aan debugberichten" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "Toon tijdstempel met microseconden" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Een geopend bestand voor de debug logs" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Domein voor de informatie provider (verplicht)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "Socket met privileges heeft verkeerde rechten of eigendom." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "Publiek socket heeft verkeerde rechten of eigendom." -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "Onverwacht formaat van het inloggegevensbericht van de server." -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD wordt niet door root gestart." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" "Er is een fout opgetreden, maar er kan geen omschrijving gevonden worden." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "Onverwachtte fout bij het opzoeken van een omschrijving" @@ -1664,89 +1676,89 @@ msgstr "Onverwachtte fout bij het opzoeken van een omschrijving" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Serverbericht:" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Wachtwoorden komen niet overeen" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "Wachtwoorden als root wijzigen wordt niet ondersteund." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Geauthenticeerd met gecachte inloggegevens." -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", uw wachtwoord verloopt op:" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" "Je wachtwoord is verlopen. Je hebt nog slechts %1$d login(s) beschikbaar." -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Je wachtwoord zal verlopen in %1$d %2$s." -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "Inloggen wordt geweigerd tot:" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "Systeem is offline, wachtwoord wijzigen niet mogelijk" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Wijzigen van wachtwoord mislukt." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Nieuw Wachtwoord: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Voer nieuw wachtwoord nogmaals in: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Wachtwoord: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Huidig wachtwoord:" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord." @@ -1755,7 +1767,7 @@ msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Het debugniveau waarmee gestart wordt" @@ -1768,7 +1780,7 @@ msgstr "Hrt te gebruiken SSSD domein" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Fout bij het zetten van de locale\n" @@ -1804,6 +1816,11 @@ msgstr "Host niet gespecificeerd\n" msgid "The path to the proxy command must be absolute\n" msgstr "Het pad naar het proxy commando moet absoluut zijn\n" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "Het UID van de gebruiker" @@ -2234,96 +2251,96 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Transactiefout. Kan de gebruiker niet aanpassen.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" "Geen enkel cache object komt overeen met de gespecificeerde zoekopdracht\n" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "Maak bepaalde gebruiker ongeldig" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "Maak alle gebruikers ongeldig" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "Maak bepaalde groep ongeldig" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "Maak alle groepen ongeldig" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "Maak bepaalde netgroep ongeldig" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "Maak alle netgroepen ongeldig" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "Maak bepaalde service ongeldig " -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "Maak alle services ongeldig" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "Maak bepaalde autofs map ongeldig" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "Maak alle autofs mappen ongeldig" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "Maak alleen ingangen van een bepaald domein ongeldig" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "Selecteer tenminste een object om ongeldig te maken\n" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2333,7 +2350,7 @@ msgstr "" "is, gebruik dan de volledig gekwalificeerde naam in plaats van --domain/-d " "parameter.\n" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "Kon beschikbare domeinen niet openen\n" @@ -2882,27 +2899,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "Sla vingerafdrukken van wachtwoorden op" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -#~ msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor groep opzoeken" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -#~ msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor initgroep opzoeken" diff --git a/po/pl.po b/po/pl.po index e791f163f5f..33302410d1b 100644 --- a/po/pl.po +++ b/po/pl.po @@ -9,12 +9,13 @@ # Piotr Drąg , 2016. #zanata # Piotr Drąg , 2017. #zanata # Piotr Drąg , 2018. #zanata +# Piotr Drąg , 2019. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" -"PO-Revision-Date: 2018-06-09 01:44+0000\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" +"PO-Revision-Date: 2019-03-01 06:40+0000\n" "Last-Translator: Piotr Drąg \n" "Language-Team: Polish (http://www.transifex.com/projects/p/sssd/language/" "pl/)\n" @@ -284,17 +285,18 @@ msgstr "Które usługi PAM mają zezwolenie na kontakt z domenami aplikacji" #: src/config/SSSDConfig/__init__.py.in:106 msgid "Allowed services for using smartcards" -msgstr "" +msgstr "Usługi mogące używać kart smardcard" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Czas oczekiwania na żądanie wyszukiwania" +msgstr "Dodatkowy czas oczekiwania na kartę, jeśli zażądano" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" "PKCS#11 URI to restrict the selection of devices for Smartcard authentication" msgstr "" +"Adres URI PKCS#11 do ograniczenia wyboru urządzeń dla uwierzytelniania za " +"pomocą kart smartcard" #: src/config/SSSDConfig/__init__.py.in:111 msgid "Whether to evaluate the time-based attributes in sudo rules" @@ -742,7 +744,7 @@ msgid "Active Directory client hostname" msgstr "Nazwa komputera klienta Active Directory" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "Filtr LDAP do określenia uprawnień dostępu" @@ -929,106 +931,111 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Typ Schema do użycia na serwerze LDAP, RFC2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Hasło wygasło. Proszę je zmienić teraz." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "Domyślne DN dowiązania" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "Typ tokenu uwierzytelniania domyślnego DN dowiązania" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "Token uwierzytelniania domyślnego DN dowiązania" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Czas do próby połączenia" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Czas do próby synchronicznych działań LDAP" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "Czas między próbami ponownego połączenia w trybie offline" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "Użycie tylko wielkich znaków w nazwach obszarów" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Plik zawierający certyfikaty CA" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Ścieżka do katalogu certyfikatów CA" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "Plik zawierający certyfikat klienta" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "Plik zawierający klucz klienta" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "Lista możliwych zestawów szyfrów" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Wymaga sprawdzenia certyfikatu TLS" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Podaje używany mechanizm SASL" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Podaje używany identyfikator upoważnienia SASL" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "Podaje obszar upoważnienia SASL do użycia" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Podaje minimalne SSF dla upoważnienia sasl LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Tablica kluczy usługi Kerberos" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Używa uwierzytelniania Kerberos dla połączenia LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Podąża za odsyłaniami LDAP" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Czas trwania TGT dla połączenia LDAP" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "Jak wskazywać aliasy" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "Nazwa usługi do wyszukiwań usługi DNS" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "Liczba wpisów do pobrania w jednym zapytaniu LDAP" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "Suma liczb, których musi brakować, aby wywołać pełne „deref”" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1036,381 +1043,381 @@ msgstr "" "Określa, czy biblioteka LDAP powinna wykonywać odwrotne wyszukanie, aby " "ujednolicić nazwę komputera podczas dowiązania SASL" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "Atrybut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "Atrybut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "Jak długo utrzymywać połączenie z serwerem LDAP przed rozłączeniem" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "Wyłącza kontrolę stronicowania LDAP" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "Wyłącza pobieranie zakresu Active Directory" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Czas oczekiwania na żądanie wyszukiwania" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "Czas oczekiwania na żądanie wyliczenia" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Czas między aktualizacjami wyliczania" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "Czas między czyszczeniem pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Wymaga TLS dla wyszukiwania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Używa mapowania identyfikatorów objectSID zamiast uprzednio ustawionych " "identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "Podstawowe DN dla wyszukiwania użytkowników" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Zakres wyszukiwania użytkowników" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filtruje wyszukiwania użytkowników" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Klasa obiektów dla użytkowników" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Atrybut nazwy użytkownika" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "Atrybut UID" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Pierwszy atrybut GID" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "Atrybut GECOS" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Atrybut katalogu domowego" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Atrybut powłoki" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "Atrybut UUID" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "Atrybut objectSID" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Atrybut głównej grupy Active Directory dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Atrybut głównego użytkownika (dla Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Imię i nazwisko" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "Atrybut memberOf" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Atrybut czasu modyfikacji" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "Atrybut shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "Atrybut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "Atrybut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "Atrybut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "Atrybut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "Atrybut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "Atrybut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "Atrybut zawierający listę upoważnionych usług PAM" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "Atrybut zawierający listę upoważnionych komputerów serwerowych" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "Atrybut zawierający listę upoważnionych rhosts serwera" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "Atrybut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "Atrybut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "Atrybut wskazujący, czy polityki haseł po stronie serwera są aktywne" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "Atrybut accountExpires AD" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "Atrybut userAccountControl AD" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "Atrybut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "Atrybut loginDisabled NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "Atrybut loginExpirationTime NDS" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "Atrybut loginAllowedTimeMap NDS" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "Atrybut klucza publicznego SSH" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" "atrybut zawierający listę dozwolonych typów uwierzytelniania dla użytkownika" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "atrybut zawierający certyfikat X509 użytkownika" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "atrybut zawierający adres e-mail użytkownika" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "Lista dodatkowych atrybutów do pobrania razem z wpisem użytkownika" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "Podstawowe DN dla wyszukiwania grup" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "Klasa obiektów dla grup" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Nazwa grupy" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Hasło grupy" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "Atrybut GID" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "Atrybut elementu grupy" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "Atrybut UUID grupy" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "Atrybut czasu modyfikacji grup" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "Typ grupy i inne flagi" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "Atrybut zewnętrznego członka grupy LDAP" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "Maksymalny poziom zagnieżdżenia, jaki usługa SSSD będzie używała" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "Klasa obiektów dla grup sieciowych" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "Nazwa grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "Atrybut elementów grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "Potrójny atrybut grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "Atrybut czasu modyfikacji grup sieciowych" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "Podstawowe DN do wyszukiwania usług" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "Klasa obiektów dla usług" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "Atrybut nazwy usługi" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "Atrybut portu usługi" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "Atrybut protokołu usługi" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "Niższa granica dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "Wyższa granica dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" "Liczba identyfikatorów dla każdego fragmentu podczas mapowania " "identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Używa algorytmu zgodnego z autorid do mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "Nazwa domyślnej domeny dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "SID domyślnej domeny dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "Liczba drugorzędnych fragmentów" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "Czy używać Token-Groups" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Ustawia dolną granicę dla dozwolonych identyfikatorów z serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Ustawia górną granicę dla dozwolonych identyfikatorów z serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "DN dla zapytań polityki" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "Ile maksymalnie wpisów pobierać podczas żądania z wieloznacznikiem" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Polityka do oszacowania wygaszenia hasła" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "Które atrybuty powinny być używane do sprawdzenia, czy konto wygasło" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "Które reguły powinny być używane do sprawdzania kontroli dostępu" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "Adres URI serwera LDAP, gdzie zmiany hasła są dozwolone" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "Adres URI zapasowego serwera LDAP, gdzie zmiany hasła są dozwolone" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "Nazwa usługi DNS serwera zmiany hasła LDAP" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1418,24 +1425,24 @@ msgstr "" "Określa, czy zaktualizować atrybut ldap_user_shadow_last_change po zmianie " "hasła" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "Podstawowe DN dla wyszukiwań reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "Okres między automatycznymi pełnymi odświeżeniami" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "Okres między automatycznymi inteligentnymi odświeżeniami" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Określa, czy filtrować reguły według nazwy komputera, adresów IP i sieci" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1443,251 +1450,259 @@ msgstr "" "Nazwy komputerów lub w pełni kwalifikowane nazwy domen tego komputera do " "filtrowania reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adresy lub sieci IPv4 lub IPv6 tego komputera do filtrowania reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Określa, czy zawierać reguły zawierające grupy sieciowe w atrybucie komputera" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Określa, czy zawierać reguły zawierające wyrażenia regularne w atrybucie " "komputera" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "Klasa obiektów dla reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "Nazwa reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "Atrybut polecenia reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "Atrybut komputera reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "Atrybut użytkownika reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "Atrybut opcji reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "Atrybut runas reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "Atrybut runasuser reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "Atrybut runasgroup reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "Atrybut notbefore reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "Atrybut notafter reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "Atrybut kolejności reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "Klasa obiektów dla map automountera" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "Atrybut nazwy mapy automountera" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "Klasa obiektów dla wpisów map automountera" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "Atrybut klucza wpisu mapy automountera" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "Atrybut wartości wpisu mapy automountera" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "Podstawowe DN dla wyszukiwań map automountera" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Lista dozwolonych użytkowników oddzielonych przecinkami" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Lista zabronionych użytkowników oddzielonych przecinkami" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Domyślna powłoka, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Podstawa katalogów domowych" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "Liczba elementów potomnych pośrednika przed rozwidleniem." -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "Nazwa używanej biblioteki NSS" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Określa, czy wyszukiwać kanoniczną nazwę grupy w pamięci podręcznej, jeśli " "to możliwe" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "Używany stos PAM" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "Ścieżka źródeł pliku „passwd”." -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "Ścieżka źródeł pliku „group”." -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Uruchamia jako usługa (domyślnie)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Uruchamia interaktywnie (nie jako usługa)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "Wyłącza interfejs netlink" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Podaje niedomyślny plik konfiguracji" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "Odświeża bazę danych konfiguracji, a następnie kończy działanie" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" -msgstr "" +msgstr "Podobne do --genconf, ale odświeża tylko podaną sekcję" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "Wyświetla numer wersji i kończy działanie" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "Usługa SSSD jest już uruchomiona\n" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Poziom debugowania" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Dodaje czasy debugowania" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "Wyświetlanie dat z mikrosekundami" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Otwiera deskryptor pliku dla dzienników debugowania" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" "Wysyła wyjście debugowania bezpośrednio do standardowego wyjścia błędów." -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "Użytkownik, jako który utworzyć ccache FAST" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "Grupa, jako którą utworzyć ccache FAST" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "Używany obszar Kerberosa" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "Żądany czas trwania biletu" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "Żądany odnawialny czas trwania biletu" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "Opcje FAST („never”, „try”, „demand”)" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "Podaje naczelnika serwera używanego dla FAST" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "Żąda ujednolicenie nazwy naczelnika" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "Użycie niestandardowej wersji krb5_get_init_creds_password" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Domena dostawcy informacji (wymagane)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "Uprawnione gniazdo ma błędnego właściciela lub uprawnienia." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "Publiczne gniazdo ma błędnego właściciela lub uprawnienia" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "Nieoczekiwany format komunikatu uwierzytelniającego serwera." -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD nie zostało uruchomione w trybie roota." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "Wystąpił błąd, ale nie odnaleziono jego opisu." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "Nieoczekiwany błąd podczas wyszukiwania opisu błędu" @@ -1695,46 +1710,46 @@ msgstr "Nieoczekiwany błąd podczas wyszukiwania opisu błędu" msgid "Permission denied. " msgstr "Odmowa uprawnienia." -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Komunikat serwera: " -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Hasła się nie zgadzają" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "Przywrócenie hasła przez użytkownika root nie jest obsługiwane." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Uwierzytelniono za pomocą danych z pamięci podręcznej" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", hasło w pamięci podręcznej wygaśnie za: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "Hasło wygasło. Pozostało %1$d możliwych logowań." -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Hasło wygaśnie za %1$d %2$s." -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "Uwierzytelnianie jest zabronione do: " -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "System jest w trybie offline, zmiana hasła nie jest możliwa" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1742,43 +1757,43 @@ msgstr "" "Po zmianie hasła OTP należy się wylogować i zalogować ponownie, aby uzyskać " "bilet" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Zmiana hasła się nie powiodła. " -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Nowe hasło: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Proszę ponownie podać nowe hasło: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "Pierwszy czynnik: " -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "Drugi czynnik (opcjonalnie): " -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "Drugi czynnik: " -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Hasło: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "Pierwszy czynnik (obecne hasło): " -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Bieżące hasło: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Hasło wygasło. Proszę je zmienić teraz." @@ -1787,7 +1802,7 @@ msgstr "Hasło wygasło. Proszę je zmienić teraz." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Poziom debugowania, z jakim uruchomić" @@ -1800,7 +1815,7 @@ msgstr "Używana domena SSSD" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Błąd podczas ustawiania lokalizacji\n" @@ -1822,7 +1837,7 @@ msgstr "Port do użycia do połączenia z komputerem" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:210 msgid "Print the host ssh public keys" -msgstr "" +msgstr "Wyświetla publiczne klucze SSH komputera" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:252 msgid "Invalid port\n" @@ -1836,6 +1851,11 @@ msgstr "Nie podano komputera\n" msgid "The path to the proxy command must be absolute\n" msgstr "Ścieżka do polecenia pośrednika musi być bezwzględna\n" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "UID użytkownika" @@ -2269,85 +2289,85 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Błąd transakcji. Nie można zmodyfikować użytkownika.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "Żaden obiekt pamięci podręcznej nie pasuje do podanego wyszukiwania\n" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "Nie można unieważnić %1$s\n" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "Nie można unieważnić %1$s %2$s\n" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "Unieważnia wszystkie wpisy w pamięci podręcznej" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "Unieważnia podanego użytkownika" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "Unieważnia wszystkich użytkowników" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "Unieważnia podaną grupę" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "Unieważnia wszystkie grupy" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "Unieważnia podaną grupę sieciową" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "Unieważnia wszystkie grupy sieciowe" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "Unieważnia podaną usługę" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "Unieważnia wszystkie usługi" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "Unieważnia podaną mapę autofs" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "Unieważnia wszystkie mapy autofs" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "Unieważnia konkretny komputer SSH" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "Unieważnia wszystkie komputery SSH" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "Unieważnia podaną regułę sudo" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "Unieważnia wszystkie reguły sudo w pamięci podręcznej" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "Unieważnia wpisy tylko z podanej domeny" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" @@ -2355,11 +2375,11 @@ msgstr "" "Podano nieoczekiwane parametry, opcje unieważniające jeden obiekt przyjmują " "tylko jeden podany parametr.\n" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "Proszę wybrać co najmniej jeden obiekt do unieważnienia\n" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2369,7 +2389,7 @@ msgstr "" "domeną), należy użyć w pełni kwalifikowanej nazwy zamiast parametru --" "domain/-d.\n" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "Nie można otworzyć dostępnych domen\n" @@ -2609,9 +2629,9 @@ msgstr "Wyświetla listę domen, w tym główny i zaufany typ domeny" #: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:354 #: src/tools/sssctl/sssctl_user_checks.c:95 -#, fuzzy, c-format +#, c-format msgid "Unable to connect to system bus!\n" -msgstr "Nie można połączyć z InfoPipe" +msgstr "Nie można połączyć się z magistralą systemową.\n" #: src/tools/sssctl/sssctl_domains.c:167 #, c-format @@ -2954,42 +2974,18 @@ msgstr "Środowisko PAM:\n" msgid " - no env -\n" msgstr " — brak środowiska —\n" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "Identyfikator użytkownika, jako który uruchomić serwer" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "Identyfikator grupy, jako którą uruchomić serwer" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "Informuje, że program odpowiadający został aktywowany gniazdem" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "Informuje, że program odpowiadający został aktywowany magistralą D-Bus" - -#~ msgid "Store password hashes" -#~ msgstr "Przechowuje mieszanie haseł" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -#~ msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -#~ msgstr "" -#~ "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup inicjacyjnych" - -#~ msgid "" -#~ "Check that SSSD is running and the InfoPipe responder is enabled. Make " -#~ "sure 'ifp' is listed in the 'services' option in sssd.conf.\n" -#~ msgstr "" -#~ "Proszę sprawdzić, czy usługa SSSD jest uruchomiona i program " -#~ "odpowiadający InfoPipe jest włączony. Należy się upewnić, że „ifp” jest " -#~ "w opcji „services” pliku sssd.conf.\n" - -#~ msgid "Unable to get user object" -#~ msgstr "Nie można uzyskać obiektu użytkownika" - -#~ msgid "Unable to get user name attr" -#~ msgstr "Nie można uzyskać atrybutu nazwy użytkownika" diff --git a/po/pt.po b/po/pt.po index 1c85c994c14..50a395e8c30 100644 --- a/po/pt.po +++ b/po/pt.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:47+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -265,9 +265,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Tempo de espera por um pedido de pesquisa" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -684,7 +683,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -856,746 +855,759 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "A senha expirou. Altere a sua senha agora." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "O DN por omissão para a ligação" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "O tipo de token de autenticação do bind DN por omissão" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "O token de autenticação do bind DN por omissão" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Período de tempo para tentar ligação" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Tempo de espera para tentar operações LDAP síncronas" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "Tempo de espera entre tentativas para re-conectar quando desligado" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Ficheiro que contêm os certificados CA" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Caminho para o directório do certificado CA" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Obriga a verificação de certificados TLS" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Especificar mecanismo sasl a utilizar" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Especifique o id sasl para utilizar na autorização" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Separador chave do serviço Kerberos" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Utilizar autenticação Kerberos para ligações LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Seguir os referrals LDAP" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Tempo de espera por um pedido de pesquisa" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Período de tempo entre enumeração de actualizações" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Requer TLS para consultas de ID" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "DN base para pesquisa de utilizadores" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Âmbito das pesquisas do utilizador" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filtro para as pesquisas do utilizador" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Objectclass para utilizadores" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Atributo do nome do utilizador" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "Atributo UID" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Atributo GID primário" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "Atributo GECOS" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Atributo da pasta pessoal" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Atributo da Shell" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Atributo principal do utilizador (para Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Nome Completo" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "Atributo memberOf" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Atributo da alteração da data" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Politica para avaliar a expiração da senha" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Lista de utilizadores autorizados separados por vírgulas" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Lista de utilizadores não autorizados separados por vírgulas" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Shell pré-definida, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Directório base para as pastas pessoais" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "O nome da biblioteca NSS a utilizar" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "Stack PAM a utilizar" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Tornar-se num serviço (omissão)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Executar interactivamente (não como serviço)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Especificar um ficheiro de configuração não standard" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Nível de depuração" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Adicionar tempos na depuração" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Um descritor de ficheiro aberto para os registos de depuração" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Domínio do fornecedor de informação (obrigatório)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1603,88 +1615,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Mensagem do Servidor: " -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Senhas não coincidem" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", a sua senha guardada em cache irá expirar em: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "O sistema está offline, a mudança de senha não é possível" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Alteração da senha falhou." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Nova Senha: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Digite a senha novamente: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Senha: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Senha actual: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "A senha expirou. Altere a sua senha agora." @@ -1693,7 +1705,7 @@ msgstr "A senha expirou. Altere a sua senha agora." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "O nível de depuração a utilizar durante a execução" @@ -1706,7 +1718,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Erro ao definir a configuração regional\n" @@ -1742,6 +1754,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "O UID do utilizador" @@ -2158,102 +2175,102 @@ msgstr "Incapaz de modificar utilizador - utilizador já é membro de grupos?\n" msgid "Transaction error. Could not modify user.\n" msgstr "Erro na transacção. Não foi possível modificar o utilizador.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2802,21 +2819,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "Guardar hashes da senha" diff --git a/po/pt_BR.po b/po/pt_BR.po index 7730acf2880..ab0d7dae0c2 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2015-10-27 08:15+0000\n" "Last-Translator: Marco Aurélio Krause \n" "Language-Team: Portuguese (Brazil)\n" @@ -669,7 +669,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -839,746 +839,758 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" #: src/config/SSSDConfig/__init__.py.in:285 -msgid "The default bind DN" +msgid "Mode used to change user password" msgstr "" #: src/config/SSSDConfig/__init__.py.in:286 -msgid "The type of the authentication token of the default bind DN" +msgid "The default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:287 -msgid "The authentication token of the default bind DN" +msgid "The type of the authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:288 -msgid "Length of time to attempt connection" +msgid "The authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:289 -msgid "Length of time to attempt synchronous LDAP operations" +msgid "Length of time to attempt connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:290 -msgid "Length of time between attempts to reconnect while offline" +msgid "Length of time to attempt synchronous LDAP operations" msgstr "" #: src/config/SSSDConfig/__init__.py.in:291 -msgid "Use only the upper case for realm names" +msgid "Length of time between attempts to reconnect while offline" msgstr "" #: src/config/SSSDConfig/__init__.py.in:292 -msgid "File that contains CA certificates" +msgid "Use only the upper case for realm names" msgstr "" #: src/config/SSSDConfig/__init__.py.in:293 -msgid "Path to CA certificate directory" +msgid "File that contains CA certificates" msgstr "" #: src/config/SSSDConfig/__init__.py.in:294 -msgid "File that contains the client certificate" +msgid "Path to CA certificate directory" msgstr "" #: src/config/SSSDConfig/__init__.py.in:295 -msgid "File that contains the client key" +msgid "File that contains the client certificate" msgstr "" #: src/config/SSSDConfig/__init__.py.in:296 -msgid "List of possible ciphers suites" +msgid "File that contains the client key" msgstr "" #: src/config/SSSDConfig/__init__.py.in:297 -msgid "Require TLS certificate verification" +msgid "List of possible ciphers suites" msgstr "" #: src/config/SSSDConfig/__init__.py.in:298 -msgid "Specify the sasl mechanism to use" +msgid "Require TLS certificate verification" msgstr "" #: src/config/SSSDConfig/__init__.py.in:299 -msgid "Specify the sasl authorization id to use" +msgid "Specify the sasl mechanism to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:300 -msgid "Specify the sasl authorization realm to use" +msgid "Specify the sasl authorization id to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:301 -msgid "Specify the minimal SSF for LDAP sasl authorization" +msgid "Specify the sasl authorization realm to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:302 -msgid "Kerberos service keytab" +msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" #: src/config/SSSDConfig/__init__.py.in:303 -msgid "Use Kerberos auth for LDAP connection" +msgid "Kerberos service keytab" msgstr "" #: src/config/SSSDConfig/__init__.py.in:304 -msgid "Follow LDAP referrals" +msgid "Use Kerberos auth for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:305 -msgid "Lifetime of TGT for LDAP connection" +msgid "Follow LDAP referrals" msgstr "" #: src/config/SSSDConfig/__init__.py.in:306 -msgid "How to dereference aliases" +msgid "Lifetime of TGT for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:307 -msgid "Service name for DNS service lookups" +msgid "How to dereference aliases" msgstr "" #: src/config/SSSDConfig/__init__.py.in:308 -msgid "The number of records to retrieve in a single LDAP query" +msgid "Service name for DNS service lookups" msgstr "" #: src/config/SSSDConfig/__init__.py.in:309 -msgid "The number of members that must be missing to trigger a full deref" +msgid "The number of records to retrieve in a single LDAP query" msgstr "" #: src/config/SSSDConfig/__init__.py.in:310 +msgid "The number of members that must be missing to trigger a full deref" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1586,88 +1598,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "" @@ -1676,7 +1688,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1689,7 +1701,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1725,6 +1737,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "" @@ -2123,102 +2140,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2767,18 +2784,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/po/ru.po b/po/ru.po index 3bba1b4301d..64341415707 100644 --- a/po/ru.po +++ b/po/ru.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2016-02-23 10:04+0000\n" "Last-Translator: Oleksii Levan \n" "Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/" @@ -282,9 +282,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Временной интервал, в течение которого ожидать поискового запроса" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -701,7 +700,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "Фильтр LDAP для определения прав доступа" @@ -872,750 +871,763 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Тип схемы, используемой на LDAP-сервере, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Срок действия пароля истёк. Необходимо сейчас изменить ваш пароль." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "Bind DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "Тип маркера проверки подлинности для bind DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "Маркер проверки подлинности для bind DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Временной интервал для попытки соединения" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Временной интервал для попытки синхронизации операций LDAP" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Временной интервал между попытками возобновления соединения в автономного " "режиме" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Файл содержащий сертификаты CA" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Путь к каталогу с сертификатами CA" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Требуется проверка сертификата TLS" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Укажите механизм sasl" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Укажите идентификатор авторизации sasl" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Keytab-файл службы Kerberos" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Следовать ссылкам LDAP" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Время жизни TGT для LDAP-соединений" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Временной интервал, в течение которого ожидать поискового запроса" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Временной интервал между обновлениями перечисления" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Требовать TLS для запросов ID" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "Base DN для поиска" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Глубина поиска" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Фильтр поиска" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Objectclass для пользователей" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Атрибут «username»" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "Атрибут «UID»" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Атрибут «primary GID»" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "Атрибут «GECOS»" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Атрибут домашнего каталога" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Атрибут оболочки" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Атрибут участника-пользователя (для Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Полное имя" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "Атрибут memberOf" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Атрибут времени изменения" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Политика вычисления окончания срока действия пароля" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Разделённый запятыми список разрешённых пользователей" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Разделённый запятыми список запрещённых пользователей" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Оболочка по умолчанию, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Место для домашних каталогов" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "Имя используемой библиотеки NSS" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "Используемый стек PAM" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Запускаться в качестве службы (по умолчанию)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Запускаться интерактивно (не службой)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Указать файл конфигурации" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Уровень отладки" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Добавить отладочные отметки времени" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Открытый дескриптор файла для журналов отладки" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Домен поставщика информации (обязательный)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" "Для привилегированного сокета установлен неверный владелец или права доступа." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" "Для общедоступного сокета установлен неверный владелец или права доступа." -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1623,88 +1635,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Сообщение сервера:" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Пароли не совпадают" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", срок действия вашего кэшированного пароль истечёт:" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "Система находится в автономном режиме, невозможно сменить пароль" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Не удалось сменить пароль." -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Новый пароль:" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Введите новый пароль ещё раз:" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Пароль:" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Текущий пароль:" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Срок действия пароля истёк. Необходимо сейчас изменить ваш пароль." @@ -1713,7 +1725,7 @@ msgstr "Срок действия пароля истёк. Необходимо #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Уровень отладки для запуска" @@ -1726,7 +1738,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1762,6 +1774,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "UID пользователя" @@ -2175,102 +2192,102 @@ msgstr "Не удалось изменить пользователя — он msgid "Transaction error. Could not modify user.\n" msgstr "Ошибка в транзакции. Не удалось изменить пользователя.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2819,21 +2836,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "ID пользователя, под которым запускать сервер" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "ID группы, под которым запускать сервер" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "Хранить хеши паролей" diff --git a/po/sssd.pot b/po/sssd.pot index 5ff18b5e286..c33451370fe 100644 --- a/po/sssd.pot +++ b/po/sssd.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -672,7 +672,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -842,746 +842,758 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" #: src/config/SSSDConfig/__init__.py.in:285 -msgid "The default bind DN" +msgid "Mode used to change user password" msgstr "" #: src/config/SSSDConfig/__init__.py.in:286 -msgid "The type of the authentication token of the default bind DN" +msgid "The default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:287 -msgid "The authentication token of the default bind DN" +msgid "The type of the authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:288 -msgid "Length of time to attempt connection" +msgid "The authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:289 -msgid "Length of time to attempt synchronous LDAP operations" +msgid "Length of time to attempt connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:290 -msgid "Length of time between attempts to reconnect while offline" +msgid "Length of time to attempt synchronous LDAP operations" msgstr "" #: src/config/SSSDConfig/__init__.py.in:291 -msgid "Use only the upper case for realm names" +msgid "Length of time between attempts to reconnect while offline" msgstr "" #: src/config/SSSDConfig/__init__.py.in:292 -msgid "File that contains CA certificates" +msgid "Use only the upper case for realm names" msgstr "" #: src/config/SSSDConfig/__init__.py.in:293 -msgid "Path to CA certificate directory" +msgid "File that contains CA certificates" msgstr "" #: src/config/SSSDConfig/__init__.py.in:294 -msgid "File that contains the client certificate" +msgid "Path to CA certificate directory" msgstr "" #: src/config/SSSDConfig/__init__.py.in:295 -msgid "File that contains the client key" +msgid "File that contains the client certificate" msgstr "" #: src/config/SSSDConfig/__init__.py.in:296 -msgid "List of possible ciphers suites" +msgid "File that contains the client key" msgstr "" #: src/config/SSSDConfig/__init__.py.in:297 -msgid "Require TLS certificate verification" +msgid "List of possible ciphers suites" msgstr "" #: src/config/SSSDConfig/__init__.py.in:298 -msgid "Specify the sasl mechanism to use" +msgid "Require TLS certificate verification" msgstr "" #: src/config/SSSDConfig/__init__.py.in:299 -msgid "Specify the sasl authorization id to use" +msgid "Specify the sasl mechanism to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:300 -msgid "Specify the sasl authorization realm to use" +msgid "Specify the sasl authorization id to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:301 -msgid "Specify the minimal SSF for LDAP sasl authorization" +msgid "Specify the sasl authorization realm to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:302 -msgid "Kerberos service keytab" +msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" #: src/config/SSSDConfig/__init__.py.in:303 -msgid "Use Kerberos auth for LDAP connection" +msgid "Kerberos service keytab" msgstr "" #: src/config/SSSDConfig/__init__.py.in:304 -msgid "Follow LDAP referrals" +msgid "Use Kerberos auth for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:305 -msgid "Lifetime of TGT for LDAP connection" +msgid "Follow LDAP referrals" msgstr "" #: src/config/SSSDConfig/__init__.py.in:306 -msgid "How to dereference aliases" +msgid "Lifetime of TGT for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:307 -msgid "Service name for DNS service lookups" +msgid "How to dereference aliases" msgstr "" #: src/config/SSSDConfig/__init__.py.in:308 -msgid "The number of records to retrieve in a single LDAP query" +msgid "Service name for DNS service lookups" msgstr "" #: src/config/SSSDConfig/__init__.py.in:309 -msgid "The number of members that must be missing to trigger a full deref" +msgid "The number of records to retrieve in a single LDAP query" msgstr "" #: src/config/SSSDConfig/__init__.py.in:310 +msgid "The number of members that must be missing to trigger a full deref" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1589,88 +1601,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "" @@ -1679,7 +1691,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1692,7 +1704,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1728,6 +1740,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "" @@ -2126,102 +2143,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2770,18 +2787,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/po/sv.po b/po/sv.po index 83c109c6afd..a4226c44108 100644 --- a/po/sv.po +++ b/po/sv.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2018-06-25 02:36+0000\n" "Last-Translator: Göran Uddeborg \n" "Language-Team: Swedish (http://www.transifex.com/projects/p/sssd/language/" @@ -274,9 +274,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Tidslängd att vänta på en sökbegäran" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -717,7 +716,7 @@ msgid "Active Directory client hostname" msgstr "Active Directory-klientvärdnamn" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "LDAP-filter för att bestämma åtkomstprivilegier" @@ -899,107 +898,112 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Schematypen som används i LDAP-servern, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "Standard bindnings-DN" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "Typen på autentiserings-token för standard bindnings-DN" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "Autentiserings-token för standard bindnings-DN" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Tidslängd att försöka ansluta" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Tidslängd att försöka synkrona LDAP-operationer" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "Tidslängd mellan försök att återansluta vid frånkoppling" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "Använd endast versaler för namn på riken" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Fil som innehåller CA-certifikat" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Sökväg till katalogen med CA-certifikat" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "Fil som innehåller klientcertifikatet" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "Fil som innehåller klientnyckeln" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "Lista över möjliga chiffersviter" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Kräv TLS-certifikatverifiering" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Ange sasl-mekanismen att använda" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Ange sasl-auktorisering-id att använda" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "Ange sasl-auktoriseringsrike att använda" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Ange minsta SSF för LDAP-sasl-auktorisering" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Kerberostjänstens nyckeltabell" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Använd Kerberosautentisering för LDAP-anslutningar" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Följer LDAP-hänvisningar" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Livslängd på TGT för LDAP-anslutning" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "Hur alias skall derefereras" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "Tjänstenamn för uppslagning av DNS-tjänster" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "Antalet poster som skall hämtas i en enda LDAP-fråga" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Antalet medlemmar som måste saknas för att orsaka en fullständig dereferering" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1007,377 +1011,377 @@ msgstr "" "Huruvida LDAP-biblioteket skall utföra en omvänd uppslagning för att ta fram " "värdnamnets kanoniska form under en SASL-bindning" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "entryUSN-attribut" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "lastUSN-attribut" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Hur länge en anslutning till LDAP-servern skall behållas före den kopplas ner" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "Avaktivera flödesstyrningen (paging) av LDAP" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "Avaktivera Active Directorys intervallhämtande" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Tidslängd att vänta på en sökbegäran" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "Tidslängd att vänta på en uppräkningsbegäran" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Tidslängd mellan uppräkningsuppdateringar" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "Tidslängd mellan cache-tömningar" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Kräv TLS för ID-uppslagningar" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "Använd ID-översättning av objectSID istället för förhandssatta ID:n" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "Bas-DN för användaruppslagningar" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Omfång av användaruppslagningar" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Filter för användaruppslagningar" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Objektklass för användare" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Användarnamnsattribut" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "UID-attribut" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Primärt GID-attribut" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "GECOS-attribut" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Hemkatalogattribut" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Skalattribut" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "UUID-attribut" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "objectSID-attribut" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Primärt gruppattribut i Active Directory för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Användarens huvudmansattribut (för Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Fullständigt namn" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "medlemAv-attribut" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Modifieringstidsattribut" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "attributet shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "shadowMin-attribut" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "shadowMax-attribut" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "shadowWarning-attribut" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "shadowInactive-attribut" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "shadowExpire-attribut" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "shadowFlag-attribut" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "Attribut för listning av auktoriserade PAM-tjänster" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "Attribut för listning av auktoriserade servervärdar" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "Attribut för listning av auktoriserade server-rhosts" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "attributet krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration-attribut" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "Attribut som indikerar att serversidans lösenordspolicyer är aktiva" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "AD:s attribut accountExpires" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "AD:s attribut userAccountControl" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "attributet nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "NDS attribut loginDisabled" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "NDS attribut loginExpirationTime" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "NDS attribut loginAllowedTimeMap" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "Attribut för publik SSH-nyckel" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "attribut för listning av tillåtna autentiseringstyper för en användare" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "attribut som innehåller användarens X509-certifikat" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "attribut som innehåller e-postadresser till användaren" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "En lista över extra attribut att hämta tillsammans med användarposten" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "Bas-DN för gruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "Objektklass för grupper" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Gruppnamn" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Grupplösenord" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "GID-attribut" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "Gruppmedlemsattribut" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "Grupp-UUID-attribut" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "Modifieringstidsattribut för grupper" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "Typen av grupp och andra flaggor" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "LDAP-gruppens externa medlemsattribut" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "Maximal nästlingsnivå SSSD kommer följa" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "Bas-DN för nätgruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "Objektklass för nätgrupper" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "Nätgruppnamn" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "Attribut på nätgruppmedlemmar" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "Attribut på nätgruppstripplar" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "Modifieringstidsattribut för nätgrupper" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "Bas-DN för tjänsteuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "Objektklass för tjänster" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "Tjänstenamnsattribut" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "Tjänsteportsattribut" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "Tjänsteprotokollsattribut" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "Undre gräns för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "Övre gräns för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "Antal ID:n till varje skiva vid ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Använd en autorid-kompatibel algoritm för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "Standarddomänens namn för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "Standarddomänens SID för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "Antal sekundära skivor" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "Huruvida Token-Groups skall användas" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Sätt undre gräns för tillåtna ID:n från LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Sätt övre gräns för tillåtna ID:n från LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "DN för ppolicy-frågor" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "Hur många poster att maximalt hämta i en joker-begäran" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Policy för att utvärdera utgång av lösenord" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "Vilka attribut skall användas för att avgöra om ett konto gått ut" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "Vilka regler skall användas för att avgöra åtkomstkontroll" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI till en LDAP-server där lösenordsändringar är tillåtna" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "URI till en reserv-LDAP-server där lösenordsändringar är tillåtna" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "DNS-tjänstenamn för LDAP-lösenordsändringsservern" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1385,24 +1389,24 @@ msgstr "" "Huruvida attributet ldap_user_shadow_last_change skall uppdateras efter en " "ändring av lösenord" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "Bas-DN för regeluppslagningar" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "Intervall mellan automatisk fullständig omläsning" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "Intervall mellan automatisk smart omläsning" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Huruvida regler skall filtreras efter värdnamn, IP-adresser och nätverk" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1410,249 +1414,257 @@ msgstr "" "Värdnamn och/eller fullständigt kvalificerade domännamn på denna maskin för " "att filtrera sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4- eller IPv6-adresser eller -nätverk för denna maskin för att filtrera " "sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Huruvida regler som innehåller nätgrupper i värdattribut skall inkluderas" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Huruvida regler som innehåller reguljära uttryck i värdattribut skall " "inkluderas" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "Objektklass för sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "Sudo-regelnamn" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "Attribut för sudo-regelkommandon" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "Attribut för sudo-regelvärd" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "Attribut för sudo-regelanvändare" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "Attribut för sudo-regelflaggor" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "Sudo-regel-runas-attribut" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "Attribut för sudo-runasuser" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "Attribut på runasgroup i sudo-regel" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "Attribut för sudo-notbefore-regler" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "Attribut för sudo-notafter-regler" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "Attribut för sudo-order-regler" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "Objektklass för avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "Attribut för namn i avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "Objektklass för poster i avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "Attribut för postnycklar i avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "Attribut på postvärde i avbildning för automatmonteraren" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "Bas-DN för uppslagningar i avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Kommaseparerad lista över tillåtna användare" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Kommaseparerad lista över förbjudna användare" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Standardskal, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Bas för hemkataloger" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "Antal ombudsbarn före grening" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "Namnet på NSS-biblioteket att använda" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "Huruvida kanoniska gruppnamn skall slås upp från cachen om möjligt" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "PAM-stack att använda" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "Sökväg till lösenordsfilkällor." -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "Sökväg till gruppfilkällor." -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Bli en demon (standard)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Kör interaktivt (inte en demon)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "Avaktivera netlink-gränssnittet" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Ange en konfigurationsfil annan än standard" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "Uppdatera konfigurationsdatabasen, avsluta sedan" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "Skriv ut versionsnumret och avsluta" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "SSSD kör redan\n" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Felsökningsnivå" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Lägg till felsökningstidstämplar" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "Visa tidsstämplar med mikrosekunder" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "En öppen fildeskriptor för felsökningsloggarna" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "Skicka felsökningsutdata direkt till standard fel." -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "Användaren att skapa en FAST-ccache som" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "Gruppen att skapa en FAST-ccache som" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "Kerberosrike att använda" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "Begärd livslängd på biljetten" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "Begärd förnybar livslängd på biljetten" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "FAST-flaggor (”never”, ”try”, ”demand”)" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "Anger serverhuvudmannen att använda för FAST" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "Begär kanonisering av huvudmannanamnet" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "Använd en anpassad version av krb5_get_init_creds_password" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Domän för informationsleverantören (obligatoriskt)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "Privilegierat uttag (socket) har fel ägarskap eller rättigheter." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "Publikt uttag (socket) har fel ägarskap eller rättigheter." -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "Oväntat format på serverns kreditivmeddelande." -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD körs inte av root." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "Ett fel uppstod, men ingen beskrivning kan hittas." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "Oväntat fel vid sökning efter ett felmeddelande" @@ -1660,46 +1672,46 @@ msgstr "Oväntat fel vid sökning efter ett felmeddelande" msgid "Permission denied. " msgstr "Åtkomst nekas. " -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Servermeddelande: " -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Lösenorden stämmer inte överens" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "Återställning av lösenord av root stöds inte." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Autentiserad med cachade kreditiv" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", ditt cache-lösenord kommer gå ut: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "Ditt lösenord har gått ut. Du har en frist på %1$d inloggningar kvar." -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Ditt lösenordet kommer gå ut om %1$d %2$s." -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "Autentisering nekas till: " -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "Systemet är frånkopplat, ändring av lösenord är inte möjligt" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1707,43 +1719,43 @@ msgstr "" "Efter att ha ändrat OTP-lösenordet behöver du logga ut och tillbaka in för " "att få en biljett" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Lösenordsändringen misslyckades. " -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Nytt lösenord: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Skriv det nya lösenordet igen: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "Första faktorn: " -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "Andra faktorn (frivillig): " -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "Andra faktorn: " -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Lösenord: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "Första faktorn (nuvarande lösenord): " -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Nuvarande lösenord: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu." @@ -1752,7 +1764,7 @@ msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Felsökningsnivån att köra med" @@ -1765,7 +1777,7 @@ msgstr "SSSD-domäner att använda" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Fel när lokalen sattes\n" @@ -1801,6 +1813,11 @@ msgstr "Värden inte angiven\n" msgid "The path to the proxy command must be absolute\n" msgstr "Sökvägen till proxy-kommandot måste vara absolut\n" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "Användarens UID" @@ -2227,85 +2244,85 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Transaktionsfel. Det gick inte att ändra användaren.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "Inga cache-objekt matchade den angivna sökningen\n" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "Kunde inte invalidera %1$s\n" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "Kunde inte invalidera %1$s %2$s\n" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "Invalidera alla cachade poster" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "Invalidera en viss användare" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "Invalidera alla användare" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "Invalidera en viss grupp" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "Invalidera alla grupper" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "Invalidera en viss nätgrupp" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "Invalidera alla nätgrupper" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "Invalidera en viss tjänst" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "Invalidera alla tjänster" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "Invalidera en viss autofs-mapp" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "Invalidera alla autofs-mappar" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "Invalidera en viss SSH-värd" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "Invalidera alla SSH-värdar" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "Invalidera en viss sudo-regel" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "Invalidera alla cachade sudo-regler" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "Invalidera endast poster från en viss domän" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" @@ -2313,11 +2330,11 @@ msgstr "" "Oväntat argument angivet, flaggor som invaliderar ett ensamt objekt tar bara " "ett ensamt angivet argument.\n" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "Välj åtminstone ett objekt att invalidera\n" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2326,7 +2343,7 @@ msgstr "" "Kunde inte öppna domänen %1$s. Om domänen är en underdomän (betrodd domän), " "använd fullt kvalificerat namn istället för parametrarna --domain/-d.\n" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "Kunde inte öppna tillgängliga domäner\n" @@ -2567,9 +2584,9 @@ msgstr "Visa domänlistan inklusive primär eller betrodd domäntyp" #: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:354 #: src/tools/sssctl/sssctl_user_checks.c:95 -#, fuzzy, c-format +#, c-format msgid "Unable to connect to system bus!\n" -msgstr "Kan inte ansluta till InfoPipe" +msgstr "" #: src/tools/sssctl/sssctl_domains.c:167 #, c-format @@ -2912,40 +2929,18 @@ msgstr "PAM-miljö:\n" msgid " - no env -\n" msgstr " - ingen miljö -\n" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "Användar-ID:t att köra servern som" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "Grupp-ID:t att köra servern som" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "Informerar att respondenten har blivit uttagsaktiverad" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "Informerar att respondenten har blivit dbus-aktiverad" - -#~ msgid "Store password hashes" -#~ msgstr "Lagra lösenords-kontrollsummor" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -#~ msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för gruppuppslagningar" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -#~ msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för init-gruppuppslagningar" - -#~ msgid "" -#~ "Check that SSSD is running and the InfoPipe responder is enabled. Make " -#~ "sure 'ifp' is listed in the 'services' option in sssd.conf.\n" -#~ msgstr "" -#~ "Kontrollera att SSSD kör och InfoPipe-respondenten är aktiverad. Se till " -#~ "att ”ifp” listas i flaggan ”services” i sssd.conf.\n" - -#~ msgid "Unable to get user object" -#~ msgstr "Kan inte att användarobjektet" - -#~ msgid "Unable to get user name attr" -#~ msgstr "Kan inte hämta användarnamnsattribut" diff --git a/po/tg.po b/po/tg.po index 6cb32c0dda5..0dd5cf0b344 100644 --- a/po/tg.po +++ b/po/tg.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:48+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -674,7 +674,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -844,746 +844,758 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" #: src/config/SSSDConfig/__init__.py.in:285 -msgid "The default bind DN" +msgid "Mode used to change user password" msgstr "" #: src/config/SSSDConfig/__init__.py.in:286 -msgid "The type of the authentication token of the default bind DN" +msgid "The default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:287 -msgid "The authentication token of the default bind DN" +msgid "The type of the authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:288 -msgid "Length of time to attempt connection" +msgid "The authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:289 -msgid "Length of time to attempt synchronous LDAP operations" +msgid "Length of time to attempt connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:290 -msgid "Length of time between attempts to reconnect while offline" +msgid "Length of time to attempt synchronous LDAP operations" msgstr "" #: src/config/SSSDConfig/__init__.py.in:291 -msgid "Use only the upper case for realm names" +msgid "Length of time between attempts to reconnect while offline" msgstr "" #: src/config/SSSDConfig/__init__.py.in:292 -msgid "File that contains CA certificates" +msgid "Use only the upper case for realm names" msgstr "" #: src/config/SSSDConfig/__init__.py.in:293 -msgid "Path to CA certificate directory" +msgid "File that contains CA certificates" msgstr "" #: src/config/SSSDConfig/__init__.py.in:294 -msgid "File that contains the client certificate" +msgid "Path to CA certificate directory" msgstr "" #: src/config/SSSDConfig/__init__.py.in:295 -msgid "File that contains the client key" +msgid "File that contains the client certificate" msgstr "" #: src/config/SSSDConfig/__init__.py.in:296 -msgid "List of possible ciphers suites" +msgid "File that contains the client key" msgstr "" #: src/config/SSSDConfig/__init__.py.in:297 -msgid "Require TLS certificate verification" +msgid "List of possible ciphers suites" msgstr "" #: src/config/SSSDConfig/__init__.py.in:298 -msgid "Specify the sasl mechanism to use" +msgid "Require TLS certificate verification" msgstr "" #: src/config/SSSDConfig/__init__.py.in:299 -msgid "Specify the sasl authorization id to use" +msgid "Specify the sasl mechanism to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:300 -msgid "Specify the sasl authorization realm to use" +msgid "Specify the sasl authorization id to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:301 -msgid "Specify the minimal SSF for LDAP sasl authorization" +msgid "Specify the sasl authorization realm to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:302 -msgid "Kerberos service keytab" +msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" #: src/config/SSSDConfig/__init__.py.in:303 -msgid "Use Kerberos auth for LDAP connection" +msgid "Kerberos service keytab" msgstr "" #: src/config/SSSDConfig/__init__.py.in:304 -msgid "Follow LDAP referrals" +msgid "Use Kerberos auth for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:305 -msgid "Lifetime of TGT for LDAP connection" +msgid "Follow LDAP referrals" msgstr "" #: src/config/SSSDConfig/__init__.py.in:306 -msgid "How to dereference aliases" +msgid "Lifetime of TGT for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:307 -msgid "Service name for DNS service lookups" +msgid "How to dereference aliases" msgstr "" #: src/config/SSSDConfig/__init__.py.in:308 -msgid "The number of records to retrieve in a single LDAP query" +msgid "Service name for DNS service lookups" msgstr "" #: src/config/SSSDConfig/__init__.py.in:309 -msgid "The number of members that must be missing to trigger a full deref" +msgid "The number of records to retrieve in a single LDAP query" msgstr "" #: src/config/SSSDConfig/__init__.py.in:310 +msgid "The number of members that must be missing to trigger a full deref" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Номи гурӯҳ" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Пароли гурӯҳ" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "Аттрибути GID" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1591,88 +1603,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Паролҳо номувофиқанд" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Пароли нав:" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Парол:" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "" @@ -1681,7 +1693,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1694,7 +1706,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1730,6 +1742,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "" @@ -2128,102 +2145,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2772,18 +2789,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/po/tr.po b/po/tr.po index df8eba8845d..760b21a15a9 100644 --- a/po/tr.po +++ b/po/tr.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:49+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Turkish (http://www.transifex.com/projects/p/sssd/language/" @@ -675,7 +675,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -845,746 +845,758 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" #: src/config/SSSDConfig/__init__.py.in:285 -msgid "The default bind DN" +msgid "Mode used to change user password" msgstr "" #: src/config/SSSDConfig/__init__.py.in:286 -msgid "The type of the authentication token of the default bind DN" +msgid "The default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:287 -msgid "The authentication token of the default bind DN" +msgid "The type of the authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:288 -msgid "Length of time to attempt connection" +msgid "The authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:289 -msgid "Length of time to attempt synchronous LDAP operations" +msgid "Length of time to attempt connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:290 -msgid "Length of time between attempts to reconnect while offline" +msgid "Length of time to attempt synchronous LDAP operations" msgstr "" #: src/config/SSSDConfig/__init__.py.in:291 -msgid "Use only the upper case for realm names" +msgid "Length of time between attempts to reconnect while offline" msgstr "" #: src/config/SSSDConfig/__init__.py.in:292 -msgid "File that contains CA certificates" +msgid "Use only the upper case for realm names" msgstr "" #: src/config/SSSDConfig/__init__.py.in:293 -msgid "Path to CA certificate directory" +msgid "File that contains CA certificates" msgstr "" #: src/config/SSSDConfig/__init__.py.in:294 -msgid "File that contains the client certificate" +msgid "Path to CA certificate directory" msgstr "" #: src/config/SSSDConfig/__init__.py.in:295 -msgid "File that contains the client key" +msgid "File that contains the client certificate" msgstr "" #: src/config/SSSDConfig/__init__.py.in:296 -msgid "List of possible ciphers suites" +msgid "File that contains the client key" msgstr "" #: src/config/SSSDConfig/__init__.py.in:297 -msgid "Require TLS certificate verification" +msgid "List of possible ciphers suites" msgstr "" #: src/config/SSSDConfig/__init__.py.in:298 -msgid "Specify the sasl mechanism to use" +msgid "Require TLS certificate verification" msgstr "" #: src/config/SSSDConfig/__init__.py.in:299 -msgid "Specify the sasl authorization id to use" +msgid "Specify the sasl mechanism to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:300 -msgid "Specify the sasl authorization realm to use" +msgid "Specify the sasl authorization id to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:301 -msgid "Specify the minimal SSF for LDAP sasl authorization" +msgid "Specify the sasl authorization realm to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:302 -msgid "Kerberos service keytab" +msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" #: src/config/SSSDConfig/__init__.py.in:303 -msgid "Use Kerberos auth for LDAP connection" +msgid "Kerberos service keytab" msgstr "" #: src/config/SSSDConfig/__init__.py.in:304 -msgid "Follow LDAP referrals" +msgid "Use Kerberos auth for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:305 -msgid "Lifetime of TGT for LDAP connection" +msgid "Follow LDAP referrals" msgstr "" #: src/config/SSSDConfig/__init__.py.in:306 -msgid "How to dereference aliases" +msgid "Lifetime of TGT for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:307 -msgid "Service name for DNS service lookups" +msgid "How to dereference aliases" msgstr "" #: src/config/SSSDConfig/__init__.py.in:308 -msgid "The number of records to retrieve in a single LDAP query" +msgid "Service name for DNS service lookups" msgstr "" #: src/config/SSSDConfig/__init__.py.in:309 -msgid "The number of members that must be missing to trigger a full deref" +msgid "The number of records to retrieve in a single LDAP query" msgstr "" #: src/config/SSSDConfig/__init__.py.in:310 +msgid "The number of members that must be missing to trigger a full deref" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1592,88 +1604,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "" @@ -1682,7 +1694,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1695,7 +1707,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1731,6 +1743,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "" @@ -2129,102 +2146,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2773,18 +2790,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/po/uk.po b/po/uk.po index 6ec7491dbb0..ef17f287cc6 100644 --- a/po/uk.po +++ b/po/uk.po @@ -9,12 +9,13 @@ # Yuri Chornoivan , 2015. #zanata # Yuri Chornoivan , 2017. #zanata # Yuri Chornoivan , 2018. #zanata +# Yuri Chornoivan , 2019. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" -"PO-Revision-Date: 2018-06-09 11:35+0000\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" +"PO-Revision-Date: 2019-03-03 07:23+0000\n" "Last-Translator: Yuri Chornoivan \n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/" "uk/)\n" @@ -293,17 +294,18 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:106 msgid "Allowed services for using smartcards" -msgstr "" +msgstr "Дозволені служби для використання смарт-карток" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "Тривалість очікування на дані запиту пошуку" +msgstr "Додатковий час очікування на картку, якщо надійде запит" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" "PKCS#11 URI to restrict the selection of devices for Smartcard authentication" msgstr "" +"Адреса PKCS#11 для обмеження переліку пристроїв для розпізнавання за смарт-" +"карткою" #: src/config/SSSDConfig/__init__.py.in:111 msgid "Whether to evaluate the time-based attributes in sudo rules" @@ -764,7 +766,7 @@ msgid "Active Directory client hostname" msgstr "Назва клієнтського вузла Active Directory" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "Фільтр LDAP для визначення прав доступу" @@ -952,111 +954,116 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Тип схеми, використаний на сервері LDAP, rfc2307" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Строк дії пароля вичерпано. Змініть ваш пароль." + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "Типова назва домену прив’язки" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "Тип розпізнавання для типової назви сервера прив’язки" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "Лексема розпізнавання типової назви сервера прив’язки" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "Проміжок часу між спробами встановлення з’єднання" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Проміжок часу між спробами виконання синхронних операцій LDAP" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Проміжок часу між повторними спробами встановлення з’єднання у автономному " "режимі" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "Використовувати для назв областей лише великі літери" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "Файл, що містить сертифікати CA" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "Шлях до каталогу сертифікатів CA" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "Файл, що містить клієнтський сертифікат" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "Файл, що містить клієнтський ключ" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "Показати список можливих інструментів шифрування" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "Потрібна перевірка сертифіката TLS" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "Вкажіть механізм SASL, який слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "Вкажіть область уповноваження SASL, яку слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" "Вказати мінімальне значення SSF для розпізнавання на LDAP за допомогою sasl" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "Таблиця ключів служби Kerberos" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "Розпізнавання Kerberos для з’єднання LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "Переходити за посиланнями LDAP" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "Строк дії TGT для з’єднання LDAP" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "Спосіб розіменування псевдонімів" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "Назва служби для пошуків за допомогою служби DNS" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "Кількість записів, які слід отримувати у відповідь на один запит LDAP" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Кількість учасників, яких має не вистачати для вмикання повного скасування " "посилань" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1064,390 +1071,390 @@ msgstr "" "Визначає, чи має бібліотека LDAP виконувати зворотній пошук з метою " "переведення назв вузлів у канонічну форму під час прив’язки до SASL" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "Атрибут entryUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "Атрибут lastUSN" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "Тривалість підтримування з’єднання з сервером LDAP перед роз’єднанням" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "Вимкнути контроль сторінок у LDAP" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "Вимкнути отримання діапазонів Active Directory" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "Тривалість очікування на дані запиту пошуку" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "Тривалість очікування на дані запиту щодо переліку" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "Проміжок часу між оновленнями нумерації" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "Проміжок часу між спорожненнями кешу" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "Вимагати TLS для пошуків ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Використовувати відповідності ідентифікаторів objectSID замість попередньо " "встановлених ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "Базова назва домену для пошуків користувачів" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "Діапазон пошуків користувачів" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "Фільтр пошуку користувачів" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "Клас об’єктів для користувачів" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "Атрибут імені користувача" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "Атрибут UID" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "Головний атрибут GID" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "Атрибут GECOS" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "Атрибут домашнього каталогу" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "Атрибут оболонки" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "Атрибут UUID" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "Атрибут objectSID" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" "Атрибут основної групи Active Directory для встановлення відповідності " "ідентифікатора" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "Атрибут реєстраційного запису користувача (для Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "Повне ім'я" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "Атрибут memberOf" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "Атрибут часу зміни" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "Атрибут shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "Атрибут shadowMin" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "Атрибут shadowMax" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "Атрибут shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "Атрибут shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "Атрибут shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "Атрибут shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "Атрибути зі списком уповноважених служб PAM" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "Атрибути зі списком уповноважених серверних вузлів" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "Атрибути зі списком уповноважених серверних r-вузлів" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "Атрибут krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "Атрибут krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" "Атрибут, що відповідає за активізацію правил обробки паролів на боці сервера" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "Атрибут accountExpires AD" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "Атрибут userAccountControl AD" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "Атрибут nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "Атрибут loginDisabled NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "Атрибут loginExpirationTime NDS" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "Атрибут loginAllowedTimeMap NDS" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "Атрибут відкритого ключа SSH" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "атрибут зі списком дозволених типів розпізнавання для користувача" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "атрибут, що містить сертифікат X509 користувача" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "атрибут, що містить адресу електронної пошти користувача" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Список додаткових атрибутів, які слід отримувати разом із записом користувача" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "Базова назва домену для пошуків груп" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "Клас об’єктів для груп" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "Назва групи" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "Пароль групи" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "Атрибут GID" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "Атрибут членства у групі" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "Атрибут UUID групи" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "Атрибут часу зміни для груп" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "Тип групи та інші прапорці" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "Атрибут групи LDAP зовнішнього учасника" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "Максимальний рівень вкладеності, який використовуватиме SSSD" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "Базова назва домену для пошуків груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "Клас об’єктів для груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "Назва мережевої групи" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "Атрибут членства у групах у мережі" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "Атрибут трійки груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "Атрибут часу зміни для мережевих груп" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "Базова сервер назв домену для пошуку служб" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "Клас об’єктів для служб" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "Атрибут назви служби" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "Атрибут порту служби" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "Атрибут протоколу служби" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "Нижня межа встановлення відповідності ідентифікатора" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "Верхня межа встановлення відповідності ідентифікатора" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" "Кількість ідентифікаторів для кожного зрізу під час встановлення " "відповідності ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" "Використовувати для встановлення відповідності ідентифікаторів алгоритм, " "сумісний з autorid" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "Назва типового домену для встановлення відповідності ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "SID типового домену для встановлення відповідності ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "Кількість вторинних зрізів" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "Визначає, чи слід використовувати крупи реєстраційних записів" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Встановити нижню межу для дозволених ідентифікаторів із сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Встановити верхню межу для дозволених ідентифікаторів із сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "DN для запитів щодо ppolicy" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" "Максимальна кількість записів для отримання під час обробки запитів із " "замінниками" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "Правила оцінки завершення строку дії пароля" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Атрибути які слід використовувати для визначення чинності облікового запису" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" "Правила, які має бути використано для визначення достатності прав доступу" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "Адреса на сервері LDAP, для якої можливі зміни паролів" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "Адреса резервного сервера LDAP, для якої можливі зміни паролів" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "Назва у службі DNS сервера зміни паролів LDAP" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1455,25 +1462,25 @@ msgstr "" "Визначає, чи слід оновлювати атрибут ldap_user_shadow_last_change після " "зміни пароля" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "Базова назва домену для пошуків правил sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "Період автоматичного повного оновлення даних" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "Період автоматичного кмітливого оновлення даних" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Визначає, чи слід фільтрувати правила за назвами вузлів, IP-адресами та " "мережами" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1481,254 +1488,262 @@ msgstr "" "Назви вузлів і/або повні назви у домені для цього комп’ютера для " "фільтрування списку правил sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Адреси IPv4 або IPv6 чи мережа цього комп’ютера для фільтрування списку " "правил sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Визначає, чи слід включати правила, що містять мережеву групу у атрибуті " "вузла" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Визначає, чи слід включати правила, що містять формальний вираз у атрибуті " "вузла" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "Клас об’єктів для правил sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "Назва правила sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "Атрибут команди правила sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "Атрибут вузла правила sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "Атрибут користувача правила sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "Атрибут параметрів правила sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "Атрибут runas правила sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" "Атрибут користувача, від імені якого виконуватиметься запуск, правила sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "Атрибут групи, від імені якої виконуватиметься запуск, правила sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "Атрибут граничного часу початку дії правила sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "Атрибут граничного часу завершення дії правила sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "Атрибут порядку правила sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "Клас об’єктів для карт автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "Атрибут назви карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "Клас об’єктів для записів карт автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "Атрибут ключа запису карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "Атрибут значення запису карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "Базовий сервер назв домену для пошуків карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "Відокремлений комами список дозволених користувачів" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "Відокремлений комами список заборонених користувачів" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "Типова оболонка, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "Базова адреса домашніх каталогів" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "Кількість попередньо відгалужених дочірніх проксі-записів." -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "Назва бібліотеки NSS, яку слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Визначає, чи слід виконувати пошук канонічної назви групи у кеші, якщо це " "можливо" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "Стек PAM, який слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "Шлях до початкового тексту файла passwd." -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "Шлях до початкового тексту файла group." -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "Запуститися фонову службу (типова поведінка)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "Запустити у інтерактивному режимі (без фонової служби)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "Вимкнути інтерфейс netlink" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Вказати нетиповий файл налаштувань" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "Оновити налаштування бази даних, потім вийти" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" -msgstr "" +msgstr "Подібний до --genconf, але оновлює дані лише вказаного розділу" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "Вивести номер версії і завершити роботу" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "SSSD вже запущено\n" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "Рівень зневаджування" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "Додавати діагностичні часові позначки" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "Показувати мікросекунди у часових позначках" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "Дескриптор відкритого файла для запису журналів діагностики" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "Надіслати діагностичну інформацію безпосередньо до stderr." -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "Користувач, від імені якого слід створити ccache FAST" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "Група, від імені якої слід створити ccache FAST" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "Область Kerberos, якою слід скористатися" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "Запитаний строк дії квитка" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "Запитаний час оновлення строку дії квитка" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "Параметри FAST ('never', 'try', 'demand')" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" "Визначає реєстраційний запис сервера, який слід використовувати для FAST" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "Вимагає перетворення реєстраційного запису у канонічну форму" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "Використовувати нетипову версію krb5_get_init_creds_password" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "Домен надання відомостей (обов’язковий)" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "У привілейованого сокета помилковий власник або права доступу." -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "У відкритого сокета помилковий власник або права доступу." -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "Некоректний формат повідомлення щодо реєстраційних даних сервера." -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD запущено не від імені користувача root." -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "Сталася помилка, але не вдалося знайти її опису." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "Неочікувана помилка під час пошуку опису помилки" @@ -1736,46 +1751,46 @@ msgstr "Неочікувана помилка під час пошуку опи msgid "Permission denied. " msgstr "Відмовлено у доступі. " -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "Повідомлення сервера: " -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "Паролі не збігаються" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "Підтримки скидання пароля користувачем root не передбачено." -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "Розпізнано за реєстраційними даними з кешу" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ", строк дії вашого кешованого пароля завершиться: " -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "Строк дії вашого пароля вичерпано. Залишилося %1$d резервних входи." -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Строк дії вашого пароля завершиться за %1$d %2$s." -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "Розпізнавання заборонено до: " -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "Система працює у автономному режимі, зміна пароля неможлива" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" @@ -1783,43 +1798,43 @@ msgstr "" "Після зміни пароля OTP вам слід вийти із системи і увійти до неї знову, щоб " "отримати про квиток" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "Спроба зміни пароля зазнала невдачі. " -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "Новий пароль: " -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "Ще раз введіть новий пароль: " -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "Перший фактор:" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "Другий фактор (необов'язковий): " -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "Другий фактор:" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "Пароль: " -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "Перший фактор (поточний пароль): " -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "Поточний пароль: " -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "Строк дії пароля вичерпано. Змініть ваш пароль." @@ -1828,7 +1843,7 @@ msgstr "Строк дії пароля вичерпано. Змініть ваш #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "Рівень діагностики під час запуску" @@ -1841,7 +1856,7 @@ msgstr "Домен SSSD, який слід використовувати" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "Помилка під час спроби встановити локаль\n" @@ -1863,7 +1878,7 @@ msgstr "Порт, яким слід користуватися для встан #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:210 msgid "Print the host ssh public keys" -msgstr "" +msgstr "Вивести відкриті ключі SSH вузла" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:252 msgid "Invalid port\n" @@ -1877,6 +1892,11 @@ msgstr "Не вказано вузол\n" msgid "The path to the proxy command must be absolute\n" msgstr "Має бути вказано абсолютний шлях до команди проксі-сервера\n" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "Ідентифікатор користувача" @@ -2314,85 +2334,85 @@ msgid "Transaction error. Could not modify user.\n" msgstr "" "Помилка під час виконання операції. Не вдалося змінити запис користувача.\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "Вказаному критерію пошуку не відповідає жоден об’єкт у кеші\n" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "Не вдалося скасувати чинність %1$s\n" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "Не вдалося скасувати чинність %1$s %2$s\n" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "Скасувати чинність усіх кешованих записів" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "Скасувати визначення певного користувача" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "Скасувати визначення всіх користувачів" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "Скасувати визначення певної групи" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "Скасувати визначення всіх груп" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "Скасувати визначення певної мережевої групи" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "Скасувати визначення всіх мережевих груп" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "Скасувати визначення певної служби" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "Скасувати визначення всіх служб" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "Скасувати визначення певну карту autofs" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "Скасувати визначення всіх карт autofs" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "Скасувати чинність певного вузла SSH" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "Скасувати чинність усіх вузлів SSH" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "Скасувати чинність певного правила sudo" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "Скасувати чинність усіх кешованих правил sudo" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "Скасувати визначення лише записів з певного домену" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" @@ -2400,12 +2420,12 @@ msgstr "" "Надано неочікувані аргументи. Параметри, які скасовують чинність окремого " "об'єкта вимагають лише одного наданого аргументу.\n" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" "Будь ласка, виберіть принаймні один об’єкт для скасовування відповідності\n" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2414,7 +2434,7 @@ msgstr "" "Не вдалося відкрити домен %1$s. Якщо цей домен є піддоменом (довіреним " "доменом), скористайтеся повною назвою замість параметра --domain/-d.\n" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "Не вдалося відкрити доступні домени\n" @@ -2656,9 +2676,10 @@ msgstr "" #: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:354 #: src/tools/sssctl/sssctl_user_checks.c:95 -#, fuzzy, c-format +#, c-format msgid "Unable to connect to system bus!\n" -msgstr "Не вдалося встановити з'єднання із InfoPipe" +msgstr "" +"Не вдалося встановити з'єднання із системним каналом передавання даних!\n" #: src/tools/sssctl/sssctl_domains.c:167 #, c-format @@ -3001,44 +3022,18 @@ msgstr "Середовище PAM:\n" msgid " - no env -\n" msgstr " - немає середовища -\n" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "Ідентифікатор користувача, від імені якого слід запустити сервер" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "Ідентифікатор групи, від імені якої слід запустити сервер" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "Інформує про те, що на відповідачі задіяно сокет" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "Інформує про те, що на відповідачі задіяно D-Bus" - -#~ msgid "Store password hashes" -#~ msgstr "Зберігати хеші паролів" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -#~ msgstr "" -#~ "Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків груп (group)" - -#~ msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -#~ msgstr "" -#~ "Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків початкових груп " -#~ "(initgroup)" - -#~ msgid "" -#~ "Check that SSSD is running and the InfoPipe responder is enabled. Make " -#~ "sure 'ifp' is listed in the 'services' option in sssd.conf.\n" -#~ msgstr "" -#~ "Перевірте, чи запущено SSSD і чи увімкнено відповідач InfoPipe. " -#~ "Переконайтеся, що у списку параметра «services» у sssd.conf є запис " -#~ "«ifp».\n" - -#~ msgid "Unable to get user object" -#~ msgstr "Не вдалося отримати об'єкт користувача" - -#~ msgid "Unable to get user name attr" -#~ msgstr "Не вдалося отримати атрибут імені користувача" diff --git a/po/zh_CN.po b/po/zh_CN.po index 7ed74791c1a..7d5f8406f8d 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:50+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -675,7 +675,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -845,746 +845,758 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" #: src/config/SSSDConfig/__init__.py.in:285 -msgid "The default bind DN" +msgid "Mode used to change user password" msgstr "" #: src/config/SSSDConfig/__init__.py.in:286 -msgid "The type of the authentication token of the default bind DN" +msgid "The default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:287 -msgid "The authentication token of the default bind DN" +msgid "The type of the authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:288 -msgid "Length of time to attempt connection" +msgid "The authentication token of the default bind DN" msgstr "" #: src/config/SSSDConfig/__init__.py.in:289 -msgid "Length of time to attempt synchronous LDAP operations" +msgid "Length of time to attempt connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:290 -msgid "Length of time between attempts to reconnect while offline" +msgid "Length of time to attempt synchronous LDAP operations" msgstr "" #: src/config/SSSDConfig/__init__.py.in:291 -msgid "Use only the upper case for realm names" +msgid "Length of time between attempts to reconnect while offline" msgstr "" #: src/config/SSSDConfig/__init__.py.in:292 -msgid "File that contains CA certificates" +msgid "Use only the upper case for realm names" msgstr "" #: src/config/SSSDConfig/__init__.py.in:293 -msgid "Path to CA certificate directory" +msgid "File that contains CA certificates" msgstr "" #: src/config/SSSDConfig/__init__.py.in:294 -msgid "File that contains the client certificate" +msgid "Path to CA certificate directory" msgstr "" #: src/config/SSSDConfig/__init__.py.in:295 -msgid "File that contains the client key" +msgid "File that contains the client certificate" msgstr "" #: src/config/SSSDConfig/__init__.py.in:296 -msgid "List of possible ciphers suites" +msgid "File that contains the client key" msgstr "" #: src/config/SSSDConfig/__init__.py.in:297 -msgid "Require TLS certificate verification" +msgid "List of possible ciphers suites" msgstr "" #: src/config/SSSDConfig/__init__.py.in:298 -msgid "Specify the sasl mechanism to use" +msgid "Require TLS certificate verification" msgstr "" #: src/config/SSSDConfig/__init__.py.in:299 -msgid "Specify the sasl authorization id to use" +msgid "Specify the sasl mechanism to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:300 -msgid "Specify the sasl authorization realm to use" +msgid "Specify the sasl authorization id to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:301 -msgid "Specify the minimal SSF for LDAP sasl authorization" +msgid "Specify the sasl authorization realm to use" msgstr "" #: src/config/SSSDConfig/__init__.py.in:302 -msgid "Kerberos service keytab" +msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" #: src/config/SSSDConfig/__init__.py.in:303 -msgid "Use Kerberos auth for LDAP connection" +msgid "Kerberos service keytab" msgstr "" #: src/config/SSSDConfig/__init__.py.in:304 -msgid "Follow LDAP referrals" +msgid "Use Kerberos auth for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:305 -msgid "Lifetime of TGT for LDAP connection" +msgid "Follow LDAP referrals" msgstr "" #: src/config/SSSDConfig/__init__.py.in:306 -msgid "How to dereference aliases" +msgid "Lifetime of TGT for LDAP connection" msgstr "" #: src/config/SSSDConfig/__init__.py.in:307 -msgid "Service name for DNS service lookups" +msgid "How to dereference aliases" msgstr "" #: src/config/SSSDConfig/__init__.py.in:308 -msgid "The number of records to retrieve in a single LDAP query" +msgid "Service name for DNS service lookups" msgstr "" #: src/config/SSSDConfig/__init__.py.in:309 -msgid "The number of members that must be missing to trigger a full deref" +msgid "The number of records to retrieve in a single LDAP query" msgstr "" #: src/config/SSSDConfig/__init__.py.in:310 +msgid "The number of members that must be missing to trigger a full deref" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1592,88 +1604,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr "" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "" -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "" @@ -1682,7 +1694,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1695,7 +1707,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "" @@ -1731,6 +1743,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "" @@ -2129,102 +2146,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2773,21 +2790,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" - -#~ msgid "Store password hashes" -#~ msgstr "保存密码哈希值" diff --git a/po/zh_TW.po b/po/zh_TW.po index 9bae3b45ad0..c91c4828eca 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-02-27 19:55+0100\n" +"POT-Creation-Date: 2019-06-13 20:35+0200\n" "PO-Revision-Date: 2014-12-14 11:50+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/projects/p/sssd/" @@ -260,9 +260,8 @@ msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:107 -#, fuzzy msgid "Additional timeout to wait for a card if requested" -msgstr "搜尋請求的等候時間長度" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:108 msgid "" @@ -675,7 +674,7 @@ msgid "Active Directory client hostname" msgstr "" #: src/config/SSSDConfig/__init__.py.in:236 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:421 msgid "LDAP filter to determine access privileges" msgstr "" @@ -845,746 +844,759 @@ msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" #: src/config/SSSDConfig/__init__.py.in:285 +#, fuzzy +msgid "Mode used to change user password" +msgstr "密碼已過期。請立刻變更您的密碼。" + +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Require TLS certificate verification" msgstr "需要 TLS 憑證驗證" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl mechanism to use" msgstr "指定要使用的 sasl 機制" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization id to use" msgstr "指定要使用的 sasl 認證 id" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:316 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:317 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:319 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a search request" msgstr "搜尋請求的等候時間長度" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "Full Name" msgstr "全名" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:372 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "Policy to evaluate the password expiration" msgstr "評估密碼過期時效的策略" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of allowed users" msgstr "許可的使用者清單,請使用半形逗號作為分隔" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of prohibited users" msgstr "被禁止的使用者清單,請使用半形逗號作為分隔" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:466 msgid "Default shell, /bin/bash" msgstr "預設 shell,/bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:470 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:473 msgid "The name of the NSS library to use" msgstr "要使用的 NSS 函式庫名稱" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:477 msgid "PAM stack to use" msgstr "要使用的 PAM 堆疊" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:480 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2332 msgid "Become a daemon (default)" msgstr "作為幕後程式 (預設)" -#: src/monitor/monitor.c:2349 +#: src/monitor/monitor.c:2334 msgid "Run interactive (not a daemon)" msgstr "以互動方式執行 (非幕後程式)" -#: src/monitor/monitor.c:2352 +#: src/monitor/monitor.c:2337 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "指定非預設的配置檔" -#: src/monitor/monitor.c:2356 +#: src/monitor/monitor.c:2341 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2359 +#: src/monitor/monitor.c:2344 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2362 +#: src/monitor/monitor.c:2347 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2538 +#: src/monitor/monitor.c:2523 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "除錯層級" -#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "加入除錯時間戳記" -#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3231 +#: src/providers/krb5/krb5_child.c:3244 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 +#: src/providers/krb5/krb5_child.c:3246 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 +#: src/providers/krb5/krb5_child.c:3248 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 +#: src/providers/krb5/krb5_child.c:3250 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 +#: src/providers/krb5/krb5_child.c:3252 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3254 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3257 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3259 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3261 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:630 +#: src/providers/data_provider_be.c:673 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1067 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1070 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1073 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1076 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "" -#: src/sss_client/common.c:1081 +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "" + +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "" + +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "" -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "" @@ -1592,88 +1604,88 @@ msgstr "" msgid "Permission denied. " msgstr "" -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 -#: src/sss_client/pam_sss.c:785 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:777 +#: src/sss_client/pam_sss.c:788 msgid "Server message: " msgstr "伺服器訊息:" -#: src/sss_client/pam_sss.c:292 +#: src/sss_client/pam_sss.c:295 msgid "Passwords do not match" msgstr "密碼不相符" -#: src/sss_client/pam_sss.c:480 +#: src/sss_client/pam_sss.c:483 msgid "Password reset by root is not supported." msgstr "" -#: src/sss_client/pam_sss.c:521 +#: src/sss_client/pam_sss.c:524 msgid "Authenticated with cached credentials" msgstr "" -#: src/sss_client/pam_sss.c:522 +#: src/sss_client/pam_sss.c:525 msgid ", your cached password will expire at: " msgstr ",您快取的密碼將在此刻過期:" -#: src/sss_client/pam_sss.c:552 +#: src/sss_client/pam_sss.c:555 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:598 +#: src/sss_client/pam_sss.c:601 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "" -#: src/sss_client/pam_sss.c:647 +#: src/sss_client/pam_sss.c:650 msgid "Authentication is denied until: " msgstr "" -#: src/sss_client/pam_sss.c:668 +#: src/sss_client/pam_sss.c:671 msgid "System is offline, password change not possible" msgstr "系統已離線,不可能作密碼變更" -#: src/sss_client/pam_sss.c:683 +#: src/sss_client/pam_sss.c:686 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 +#: src/sss_client/pam_sss.c:774 src/sss_client/pam_sss.c:787 msgid "Password change failed. " msgstr "密碼變更失敗。" -#: src/sss_client/pam_sss.c:1921 +#: src/sss_client/pam_sss.c:1977 msgid "New Password: " msgstr "新密碼:" -#: src/sss_client/pam_sss.c:1922 +#: src/sss_client/pam_sss.c:1978 msgid "Reenter new Password: " msgstr "再次輸入新密碼:" -#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 +#: src/sss_client/pam_sss.c:2139 src/sss_client/pam_sss.c:2142 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 +#: src/sss_client/pam_sss.c:2140 src/sss_client/pam_sss.c:2303 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2143 src/sss_client/pam_sss.c:2306 msgid "Second Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2057 +#: src/sss_client/pam_sss.c:2158 msgid "Password: " msgstr "密碼:" -#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 +#: src/sss_client/pam_sss.c:2302 src/sss_client/pam_sss.c:2305 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2207 +#: src/sss_client/pam_sss.c:2309 msgid "Current Password: " msgstr "目前的密碼:" -#: src/sss_client/pam_sss.c:2562 +#: src/sss_client/pam_sss.c:2664 msgid "Password expired. Change your password now." msgstr "密碼已過期。請立刻變更您的密碼。" @@ -1682,7 +1694,7 @@ msgstr "密碼已過期。請立刻變更您的密碼。" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:687 +#: src/tools/sss_cache.c:704 msgid "The debug level to run with" msgstr "" @@ -1695,7 +1707,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:750 msgid "Error setting the locale\n" msgstr "設定區域設置時發生錯誤\n" @@ -1731,6 +1743,11 @@ msgstr "" msgid "The path to the proxy command must be absolute\n" msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "" + #: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 msgid "The UID of the user" msgstr "使用者的 UID" @@ -2129,102 +2146,102 @@ msgstr "無法修改使用者 - 使用者是否已經是群組的成員?\n" msgid "Transaction error. Could not modify user.\n" msgstr "處理事項發生錯誤。無法修改使用者。\n" -#: src/tools/sss_cache.c:228 +#: src/tools/sss_cache.c:245 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:519 +#: src/tools/sss_cache.c:536 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:526 +#: src/tools/sss_cache.c:543 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:689 +#: src/tools/sss_cache.c:706 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:695 +#: src/tools/sss_cache.c:712 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:701 +#: src/tools/sss_cache.c:718 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:727 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:737 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:739 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:742 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:779 +#: src/tools/sss_cache.c:796 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:789 +#: src/tools/sss_cache.c:806 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:872 +#: src/tools/sss_cache.c:889 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:877 +#: src/tools/sss_cache.c:894 msgid "Could not open available domains\n" msgstr "" @@ -2773,18 +2790,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:73 +#: src/util/util.h:74 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:76 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:83 +#: src/util/util.h:84 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:86 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/src/man/po/br.po b/src/man/po/br.po index 1fcb6271b73..ae1dc00337c 100644 --- a/src/man/po/br.po +++ b/src/man/po/br.po @@ -6,9 +6,9 @@ # Fulup , 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2014-12-14 11:51+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Breton (http://www.transifex.com/projects/p/sssd/language/" @@ -298,11 +298,11 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Dre ziouer : true" @@ -321,16 +321,16 @@ msgstr "" #. type: Content of: #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "" @@ -355,8 +355,8 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -371,7 +371,7 @@ msgid "The [sssd] section" msgstr "Ar rann [sssd]" #. type: Content of: -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "Arventennoù ar rann" @@ -451,7 +451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (neudennad)" @@ -471,12 +471,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -484,39 +484,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -640,10 +640,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -786,12 +786,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -875,7 +875,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -951,8 +951,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -1012,8 +1012,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1090,7 +1090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1108,7 +1108,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "Dre ziouer : 15" @@ -1141,11 +1141,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1154,41 +1154,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "Dre zoiuer : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1196,23 +1196,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1220,47 +1220,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1268,112 +1268,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1384,96 +1384,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1481,59 +1481,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "Dre zoiuer : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1542,61 +1542,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1604,7 +1604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1613,17 +1613,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1631,31 +1631,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "Dre ziouer : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1665,75 +1665,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1741,19 +1741,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1761,12 +1761,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1774,77 +1774,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1852,7 +1852,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1864,63 +1864,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1928,25 +1928,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "re_expression (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "re_expression (neudennad)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1954,7 +1952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1962,7 +1960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1971,12 +1969,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1987,24 +1985,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2014,22 +2012,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2037,51 +2035,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2090,24 +2088,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2118,7 +2116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2129,24 +2127,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2154,12 +2152,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2168,24 +2166,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2195,66 +2193,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2262,17 +2260,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2280,7 +2278,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2288,22 +2286,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "RANNOÙ DOMANI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2312,14 +2310,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2328,38 +2326,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2368,24 +2366,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2394,29 +2392,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2430,14 +2428,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2446,39 +2444,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2487,19 +2485,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2510,151 +2508,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2662,24 +2660,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2688,17 +2686,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2707,34 +2705,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2742,7 +2740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2750,8 +2748,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2760,8 +2758,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2769,19 +2767,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2790,7 +2788,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2798,22 +2796,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2825,7 +2823,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2833,19 +2831,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2853,7 +2851,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2861,35 +2859,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2897,19 +2895,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2918,7 +2916,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2926,29 +2924,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2956,7 +2954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2964,35 +2962,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3000,32 +2998,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3036,7 +3034,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3045,12 +3043,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3058,7 +3056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3066,31 +3064,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3098,7 +3096,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3107,17 +3105,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3125,43 +3123,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3169,7 +3167,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3177,7 +3175,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3185,24 +3183,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3210,12 +3208,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3225,7 +3223,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3234,29 +3232,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3264,7 +3262,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3274,59 +3272,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3335,77 +3333,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3413,7 +3411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3422,17 +3420,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3440,34 +3438,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3475,32 +3473,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3510,47 +3508,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3558,43 +3564,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3602,29 +3680,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3632,12 +3710,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3646,12 +3724,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3659,19 +3737,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3688,7 +3766,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3696,17 +3774,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3715,7 +3793,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3725,7 +3803,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3745,12 +3823,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3758,73 +3836,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3832,17 +3910,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3851,17 +3929,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3869,17 +3947,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3887,17 +3965,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3908,64 +3986,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3978,7 +4061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3986,7 +4069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -3995,59 +4078,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "re_expression (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "re_expression (neudennad)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "domains" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "domanioù" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4056,17 +4135,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3542 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4074,26 +4153,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4102,17 +4181,124 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +msgid "password_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4142,7 +4328,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4151,7 +4337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4159,7 +4345,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4170,7 +4356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4184,7 +4370,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4334,7 +4520,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4429,123 +4615,164 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "Dre ziouer : 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4553,113 +4780,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4668,17 +4895,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4687,17 +4914,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4706,17 +4933,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4725,17 +4952,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4744,17 +4971,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4763,17 +4990,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4781,155 +5008,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4939,7 +5166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4947,51 +5174,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5000,24 +5227,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5025,7 +5252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5034,43 +5261,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5078,14 +5305,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5093,17 +5320,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5111,14 +5338,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5126,17 +5353,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5144,14 +5371,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5159,37 +5386,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5199,106 +5426,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5306,34 +5533,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5341,7 +5568,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5351,7 +5578,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5361,177 +5588,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5539,95 +5766,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5635,7 +5862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5643,12 +5870,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5656,12 +5883,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5672,12 +5899,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5686,12 +5913,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5700,34 +5927,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5735,14 +5962,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5750,17 +5977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5770,12 +5997,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5783,17 +6010,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5801,13 +6028,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5816,7 +6048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5824,26 +6056,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5851,7 +6083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5859,7 +6091,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5867,41 +6099,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5910,32 +6142,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5943,24 +6175,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5968,17 +6200,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5989,29 +6221,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6024,29 +6267,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6054,77 +6297,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6136,7 +6380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6144,7 +6388,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6152,39 +6396,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6194,7 +6438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6202,26 +6446,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6229,7 +6473,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6237,31 +6481,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6270,56 +6514,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6335,12 +6579,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6349,14 +6593,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6365,24 +6609,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6390,19 +6634,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6411,7 +6655,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6419,7 +6663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6428,7 +6672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6436,22 +6680,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6461,14 +6705,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6481,12 +6725,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6496,7 +6740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6506,63 +6750,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6571,74 +6815,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6649,7 +6893,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6657,24 +6901,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6689,12 +6933,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6702,317 +6946,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7021,111 +7275,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7134,32 +7388,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7168,22 +7422,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7192,14 +7446,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7207,7 +7461,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7220,27 +7474,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7256,13 +7510,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7475,7 +7729,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7522,13 +7776,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7536,7 +7799,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7548,7 +7811,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7598,34 +7861,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7633,7 +7906,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7646,7 +7919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7654,20 +7927,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8764,7 +9046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8779,7 +9061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8794,12 +9076,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8820,12 +9102,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8849,17 +9131,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8867,7 +9149,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8894,7 +9176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8907,12 +9189,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8931,60 +9213,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9098,26 +9380,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9136,7 +9418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -10012,12 +10294,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10025,12 +10322,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10038,14 +10335,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10053,7 +10350,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10065,42 +10362,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10108,7 +10405,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10116,7 +10413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10124,7 +10421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10136,22 +10433,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10159,7 +10456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10167,7 +10464,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10175,7 +10472,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10187,22 +10484,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10210,14 +10507,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10225,7 +10522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10237,23 +10534,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10261,14 +10558,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10276,7 +10573,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10287,19 +10584,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10307,7 +10604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10319,29 +10616,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10349,12 +10646,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10367,57 +10664,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10425,17 +10722,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10445,12 +10742,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10461,19 +10758,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10483,12 +10780,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10496,7 +10793,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10511,7 +10808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10520,7 +10817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10528,7 +10825,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10538,7 +10835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10924,14 +11221,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-g</option>,<option>--genconf</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -10942,14 +11233,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-s</option>,<option>--genconf-section</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -12034,23 +12319,61 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Dre ziouer : 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12058,12 +12381,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12073,7 +12396,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12081,7 +12404,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12101,7 +12424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12110,7 +12433,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -13283,14 +13606,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 diff --git a/src/man/po/ca.po b/src/man/po/ca.po index 9f7da53e07d..b30302c792d 100644 --- a/src/man/po/ca.po +++ b/src/man/po/ca.po @@ -12,9 +12,9 @@ # Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2015-10-18 04:13+0000\n" "Last-Translator: Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>\n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -332,11 +332,11 @@ msgstr "" "opció." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Per defecte: true" @@ -358,16 +358,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Per defecte: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -392,8 +392,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Per defecte: 10" @@ -408,7 +408,7 @@ msgid "The [sssd] section" msgstr "La secció [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "Paràmetres de la secció" @@ -497,7 +497,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -519,12 +519,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -535,40 +535,40 @@ msgstr "" "compondre un FQN des dels components del nom d'usuari i del nom del domini." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "nom d'usuari" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" "el nom del domini tal com s'especifica al fitxer de configuració de l'SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -726,10 +726,10 @@ msgstr "" "d'aquesta opció juntament amb use_fully_qualified_names establert a False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -847,20 +847,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:509 -#, fuzzy -#| msgid "" -#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring Kerberos." msgid "" "(NSS Version) This option is ignored, please see <citerefentry> " "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> how to import a Certificate Revocation List (CRL) into a NSS " "database." msgstr "" -"<quote>krb5</quote> per canviar la contrasenya Kerberos. Vegeu " -"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:518 @@ -880,12 +872,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -969,7 +961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Per defecte: Sense establir" @@ -1055,8 +1047,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "Per defecte: 60" @@ -1116,8 +1108,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Per defecte: 300" @@ -1211,7 +1203,7 @@ msgstr "" "(0 desactiva aquesta característica)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "Per defecte: 50" @@ -1233,7 +1225,7 @@ msgstr "" "altra vegada." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "Per defecte: 15" @@ -1266,11 +1258,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1279,17 +1271,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "Per defecte: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1297,12 +1289,12 @@ msgstr "" "aquesta opció a false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "fallback_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1311,7 +1303,7 @@ msgstr "" "si no se n'especifica cap explícitament amb el proveïdor de dades del domini." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1319,7 +1311,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1329,25 +1321,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Per defecte: sense establir (cap substitució per als directoris inicials no " "establerts)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "override_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1358,18 +1350,18 @@ msgstr "" "pot configurar ja sigui en la secció [nss] o per cada domini." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Per defecte: sense establir (SSSD utilitzarà el valor recuperat del LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "allowed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1377,31 +1369,31 @@ msgstr "" "d'avaluació és:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Si el shell està present al <quote>/etc/shells</quote>, s'utilitza." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1409,112 +1401,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "vetoed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "shell_fallback (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "Per defecte: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "memcache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1525,48 +1517,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "Opcions de configuració del PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1575,12 +1567,12 @@ msgstr "" "(Pluggable Authentication Module)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1590,17 +1582,17 @@ msgstr "" "de sessió)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1609,12 +1601,12 @@ msgstr "" "fallits es permet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1624,7 +1616,7 @@ msgstr "" "possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1632,17 +1624,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "Per defecte: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1651,43 +1643,43 @@ msgstr "" "l'autenticació. Com més gran sigui el nombre més missatges es mostren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "L'sssd actualment admet els següents valors:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostris cap missatge" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: Mostra només missatges importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: Mostra missatges informatius" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: Mostra tots els missatges i informació de depuració" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "Per defecte: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1696,61 +1688,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1762,7 +1754,7 @@ msgstr "" "l'última informació." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1776,17 +1768,17 @@ msgstr "" "excessives al proveïdor d'identitat." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1794,31 +1786,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "Per defecte: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1828,75 +1820,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "pam_public_domains (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "Per defecte: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1904,19 +1896,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1924,12 +1916,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1937,102 +1929,85 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Per defecte: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 -#, fuzzy -#| msgid "ldap_page_size (integer)" +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" -msgstr "ldap_page_size (enter)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 -#, fuzzy -#| msgid "Comma separated list of users who are allowed to log in." +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" -"Llista separada per comes dels usuaris a qui se'ls permet iniciar la sessió." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 -#, fuzzy, no-wrap -#| msgid "" -#| "ad_gpo_map_interactive = +my_pam_service, -login\n" -#| " " +#: sssd.conf.5.xml:1448 +#, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" " " msgstr "" -"ad_gpo_map_interactive = +my_pam_service, -login\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 -#, fuzzy -#| msgid "" -#| "It is possible to add another attribute to this set by using <quote>" -#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" -#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " -#| "but deny <quote>loginShell</quote>, you would use the following " -#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2042,72 +2017,65 @@ msgid "" "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Es poden afegir altres atributs a aquest conjunt amb <quote>+nom_atribut</" -"quote> o suprimir explícitament un atribut amb <quote>-nom_atribut</quote>. " -"Per exemple, per permetre <quote>telephoneNumber</quote> però denegar " -"<quote>loginShell</quote>, podríeu utilitzar la següent configuració: " -"<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "pam_id_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "pam_id_timeout (enter)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2115,25 +2083,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "user (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -2141,7 +2107,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2149,7 +2115,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2158,12 +2124,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "Opcions de configuració de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2181,24 +2147,24 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2208,23 +2174,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" "Es poden utilitzar aquestes opcions per configurar el servei de l'autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2232,51 +2198,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "Es poden utilitzar aquestes opcions per configurar el servei de l'SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "Per defecte: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2285,24 +2251,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "Opcions de configuració del contestador del PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2313,7 +2279,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2324,25 +2290,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" "Es poden utilitzar aquestes opcions per configurar el contestador del PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2350,12 +2316,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2364,24 +2330,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2391,66 +2357,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2458,17 +2424,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2476,7 +2442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2484,22 +2450,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "SECCIONS DE DOMINI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2508,14 +2474,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2524,31 +2490,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2557,7 +2523,7 @@ msgstr "" "fora d'aquests límits, s'ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2570,24 +2536,24 @@ msgstr "" "com s'esperava." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "enumerate (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2596,29 +2562,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Els usuaris i grups s'enumeren" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Cap enumeració per a aquest domini" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "Per defecte: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2632,7 +2598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2642,7 +2608,7 @@ msgstr "" "finalitzi." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2656,39 +2622,39 @@ msgstr "" "ús." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2697,12 +2663,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2711,7 +2677,7 @@ msgstr "" "demanar al rerefons una altra vegada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2722,153 +2688,153 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "Per defecte: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "Per defecte: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Per defecte: 0 (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "cache_credentials (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si les credencials d'usuari també són emmagatzemades en la memòria " "cau local de LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2876,24 +2842,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "Per defecte: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2906,17 +2872,17 @@ msgstr "" "ha de ser superior o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2925,34 +2891,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Per defecte: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2960,7 +2926,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2968,8 +2934,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2978,8 +2944,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2987,19 +2953,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3012,7 +2978,7 @@ msgstr "" "l'usuari mentre que <command>getent passwd test@LOCAL</command> sí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3020,22 +2986,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3047,7 +3013,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3055,12 +3021,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3069,7 +3035,7 @@ msgstr "" "d'autenticació suportats són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3080,7 +3046,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3091,7 +3057,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3099,17 +3065,17 @@ msgstr "" "de PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> impossibilita l'autenticació explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3118,12 +3084,12 @@ msgstr "" "gestionar les sol·licituds d'autenticació." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3134,19 +3100,19 @@ msgstr "" "instal·lats) Els proveïdors especials interns són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> sempre denega l'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3159,7 +3125,7 @@ msgstr "" "configuració del mòdul d'accés simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3167,22 +3133,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "Per defecte: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3191,7 +3157,7 @@ msgstr "" "al domini. Els proveïdors de canvi de contrasenya compatibles són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3199,7 +3165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3210,7 +3176,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3218,12 +3184,12 @@ msgstr "" "objectiu PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3232,17 +3198,17 @@ msgstr "" "gestionar peticions de canvi de contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3250,32 +3216,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3286,7 +3252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3295,12 +3261,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3308,7 +3274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3316,31 +3282,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3348,7 +3314,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3357,17 +3323,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3375,43 +3341,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3419,7 +3385,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3427,7 +3393,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3435,24 +3401,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3460,12 +3426,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3475,7 +3441,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3484,29 +3450,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3517,7 +3483,7 @@ msgstr "" "quote> , el domini és tot el que hi ha després\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3527,17 +3493,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Per defecte: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3546,42 +3512,42 @@ msgstr "" "realitzar cerques de DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "Valors admesos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "Per defecte: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3590,25 +3556,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Per defecte: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3617,52 +3583,52 @@ msgstr "" "del domini de la consulta DNS del servei de descobriment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "Per defecte: Utilitza la part del domini del nom de màquina" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "override_gid (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "case_sensitive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3670,7 +3636,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3679,17 +3645,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3697,34 +3663,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3734,32 +3700,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3769,47 +3735,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Per defecte: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "realmd_tags (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3817,43 +3791,123 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +#, fuzzy +#| msgid "False" +msgid "false" +msgstr "False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"Opcions vàlides per als dominis del servidor intermediari. <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3864,17 +3918,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "El servidor intermediari on reenvia PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3883,12 +3937,12 @@ msgstr "" "de pam existent o crear-ne una de nova i afegir aquí el nom del servei." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3899,12 +3953,12 @@ msgstr "" "format _nss_$(libName)_$(function), per exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3913,12 +3967,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3926,7 +3980,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3935,12 +3989,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3957,7 +4011,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3965,17 +4019,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3984,7 +4038,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3994,7 +4048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -4014,12 +4068,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "La secció del domini local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4030,29 +4084,29 @@ msgstr "" "<replaceable>id_provider = local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminat per als usuaris que es creen amb eines de l'espai " "d'usuari de l'SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "Per defecte: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4061,46 +4115,46 @@ msgstr "" "replaceable> i utilitzen aquest com el directori inicial." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "Per defecte: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "create_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "Per defecte: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "remove_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "homedir_umask (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4111,17 +4165,17 @@ msgstr "" "defecte en un directori inicial acabat de crear." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "Per defecte: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4134,17 +4188,17 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "Per defecte: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4155,17 +4209,17 @@ msgstr "" "suprimit. Si no s'especifica, s'utilitzarà un valor per defecte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "Per defecte: <filename>/var/correu</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4176,17 +4230,17 @@ msgstr "" "té en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "Per defecte: Cap, no s'executa cap comanda" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4197,64 +4251,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech," +msgstr "ldap_sasl_mech (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4267,23 +4328,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 -#, fuzzy -#| msgid "" -#| "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring LDAP." +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for details)." msgstr "" -"<quote>ldap</quote> per autenticació nativa LDAP. Vegeu " -"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4292,61 +4345,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" -msgstr "user (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "user (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "ad_domain (string)" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "ad_domain (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4355,19 +4402,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "pam_verbosity (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "pam_verbosity (enter)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4375,28 +4420,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: homeDirectory" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "Per defecte: homeDirectory" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4405,17 +4448,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "OPCIONS DE CONFIGURACIÓ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "contrasenya" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" +"Opcions vàlides per als dominis del servidor intermediari. <placeholder type=" +"\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" +"Opcions vàlides per als dominis del servidor intermediari. <placeholder type=" +"\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4469,7 +4635,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4478,7 +4644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4486,7 +4652,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4497,7 +4663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4511,7 +4677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4677,7 +4843,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemples:" @@ -4774,52 +4940,97 @@ msgstr "Per defecte: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "The two mechanisms currently supported are:" +msgid "Two modes are currently supported:" +msgstr "Els dos mecanismes suportats actualment són:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Per defecte: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "El vincle DN per defecte per utilitzar en realitzar les operacions d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "El tipus de testimoni d'autenticació del vincle DN per defecte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Els dos mecanismes suportats actualment són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "contrasenya" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Per defecte: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -4828,74 +5039,74 @@ msgstr "" "text contrasenyes estan suportats actualment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "La classe d'objecte d'una entrada d'usuari a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Per defecte: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "L'atribut LDAP que correspon al nom de compte de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" "L'atribut LDAP que correspon al númerdo de l'identificador de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "Per defecte: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" "L'atribut LDAP que correspon a l'identificador del grup primari de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Per defecte: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4903,96 +5114,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "L'atribut LDAP que correspon al camp gecos de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Per defecte: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "L'atribut LDAP que conté el nom del directori inicial de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Per defecte: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "L'atribut LDAP que conté el camí al shell per defecte de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Per defecte: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "ldap_user_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -5001,17 +5212,17 @@ msgstr "" "pare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "Per defecte: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5024,17 +5235,17 @@ msgstr "" "manvolnum></citerefentry> (data de l'últim canvi de contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Per defecte: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5047,17 +5258,17 @@ msgstr "" "manvolnum></citerefentry> (edat mínima de la contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Per defecte: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5070,17 +5281,17 @@ msgstr "" "manvolnum></citerefentry> (edat màxima de la contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Per defecte: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5093,17 +5304,17 @@ msgstr "" "manvolnum></citerefentry> (període d'advertència de contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Per defecte: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5116,17 +5327,17 @@ msgstr "" "manvolnum></citerefentry> (període d'inactivitat de contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Per defecte: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5139,17 +5350,17 @@ msgstr "" "manvolnum></citerefentry> (data de caducitat del compte)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Per defecte: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5160,17 +5371,17 @@ msgstr "" "contrasenya en kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Per defecte: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5180,114 +5391,114 @@ msgstr "" "contrasenya actual." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Per defecte: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Per defecte: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Per defecte: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Per defecte: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Per defecte: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -5296,24 +5507,24 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Per defecte: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5323,7 +5534,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5331,51 +5542,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "Per defecte: sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5388,24 +5599,24 @@ msgstr "" "voleu utilitzar un àmbit en majúscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5416,7 +5627,7 @@ msgstr "" "los per estalviar espai." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5425,43 +5636,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'atribut LDAP que correspon al nom complet de l'usuari." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "Per defecte: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "L'atribut LDAP que llista la pertanença a grups de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "Per defecte: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5472,7 +5683,7 @@ msgstr "" "l'usuari per determinar els privilegis d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5481,7 +5692,7 @@ msgstr "" "l'SSSD cerca autoritzacions explícites (svc) i, finalment, allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5489,17 +5700,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Per defecte: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5507,14 +5718,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5522,17 +5733,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5540,14 +5751,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5555,37 +5766,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "ldap_user_certificate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5595,106 +5806,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objecte d'una entrada de grup a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Per defecte: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'atribut LDAP que es correspon amb el nom del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'atribut LDAP que correspon a l'identificador del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'atribut LDAP que conté els noms dels membres del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Per defecte: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5702,34 +5913,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5741,7 +5952,7 @@ msgstr "" "RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5751,7 +5962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5761,178 +5972,178 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Per defecte: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objecte d'una entrada de netgroup a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "Per defecte: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'atribut LDAP que es correspon amb el nom del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'atribut LDAP que conté els noms dels membres del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "Per defecte: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "L'atribut LDAP que conté les tripletes netgroup (maquina, usuari, domini)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "Per defecte: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "Per defecte: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5940,95 +6151,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "ldap_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "ldap_service_port (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "Per defecte: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "Per defecte: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6036,7 +6247,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6044,12 +6255,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6057,12 +6268,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6079,12 +6290,12 @@ msgstr "" "manvolnum></citerefentry> retorna en cas de cap activitat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6093,12 +6304,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6107,34 +6318,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "Per defecte: 900 (15 minuts)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "Per defecte: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6142,14 +6353,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6157,17 +6368,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6177,12 +6388,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6190,17 +6401,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6208,13 +6419,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6223,7 +6439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6231,12 +6447,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6246,7 +6462,7 @@ msgstr "" "valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6255,7 +6471,7 @@ msgstr "" "certificat del servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6267,7 +6483,7 @@ msgstr "" "normalment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6278,7 +6494,7 @@ msgstr "" "proporciona un certificat dolent, immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6289,22 +6505,22 @@ msgstr "" "immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "Per defecte: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6313,7 +6529,7 @@ msgstr "" "Certificació que reconeixerà l'<command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6322,12 +6538,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6341,32 +6557,32 @@ msgstr "" "correctes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6374,12 +6590,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6388,12 +6604,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> per a protegir el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6401,17 +6617,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6422,31 +6638,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +#, fuzzy +#| msgid "" +#| "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +#| "supported." msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." msgstr "" "Especifica el mecanisme SASL a utilitzar. Actualment només GSSAPI és provat " "i suportat." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6459,29 +6690,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6489,82 +6720,92 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "Per defecte: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "Per defecte: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +#, fuzzy +#| msgid "Specify the keytab to use when using SASL/GSSAPI." +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "Especifica el fitxer keytab a utilitzar quan s'utilitza SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 +#, fuzzy +#| msgid "" +#| "Specifies that the id_provider should init Kerberos credentials (TGT). " +#| "This action is performed only if SASL is used and the mechanism selected " +#| "is GSSAPI." msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" "Especifica que id_provider ha d'iniciar les credencials del Kerberos (TGT). " "Aquesta acció únicament es realitza si s'utilitza SASL i el mecanisme " "seleccionat és GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +#, fuzzy +#| msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "Especifica el temps de vida en segons de la TGT si s'utilitza GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "Per defecte: 86400 (24 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6576,7 +6817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6587,7 +6828,7 @@ msgstr "" "retorna a _tcp si no se'n troba cap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6599,41 +6840,43 @@ msgstr "" "<quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +#, fuzzy +#| msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "Especifica l'àmbit KERBEROS (per a l'autenticació SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/" "krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6643,7 +6886,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6651,12 +6894,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6665,7 +6908,7 @@ msgstr "" "costat del client. S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6674,7 +6917,7 @@ msgstr "" "opció no inhabilita les polítiques de contrasenya de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6682,7 +6925,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6694,25 +6937,25 @@ msgstr "" "contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6721,7 +6964,7 @@ msgstr "" "quan es compila amb la versió 2.4.13 o superiors d'OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6730,29 +6973,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nom de servei per utilitzar quan està habilitada la detecció " "de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "Per defecte: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6762,30 +7005,30 @@ msgstr "" "dels serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6801,12 +7044,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6815,14 +7058,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6831,17 +7074,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "Per defecte: Buit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6850,7 +7093,7 @@ msgstr "" "d'atributs de control d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6862,12 +7105,12 @@ msgstr "" "contrasenya és correcta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6876,7 +7119,7 @@ msgstr "" "determinar si el compte ha caducat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6885,7 +7128,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6893,7 +7136,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6902,7 +7145,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6910,24 +7153,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Llista separada per comes d'opcions de control d'accés. Els valors permesos " "són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6937,14 +7180,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6957,12 +7200,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6972,7 +7215,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6982,20 +7225,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7004,31 +7247,31 @@ msgstr "" "authorizedService per determinar l'accés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "Per defecte: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7037,12 +7280,12 @@ msgstr "" "s'utilitza més d'una vegada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7051,22 +7294,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple: cn=ppolicy,ou=policies,dc=exemple,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Per defecte: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7075,13 +7318,13 @@ msgstr "" "es fa una cerca. S'admeten les opcions següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: les referències dels àlies mai són eliminades." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7091,7 +7334,7 @@ msgstr "" "de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7100,7 +7343,7 @@ msgstr "" "només en localitzar l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7109,7 +7352,7 @@ msgstr "" "en la recerca i en la localització de l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7118,19 +7361,19 @@ msgstr "" "biblioteques de client LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7141,7 +7384,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7149,24 +7392,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7187,12 +7430,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "OPCIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7200,317 +7443,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "Per defecte: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "Per defecte: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "Per defecte: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "Per defecte: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "Per defecte: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "Per defecte: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "Per defecte: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "Per defecte: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "Per defecte: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "Per defecte: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "Per defecte: 21600 (6 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7519,111 +7772,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "OPCIONS D'AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "Per defecte: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7632,32 +7885,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "OPCIONS AVANÇADES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7666,22 +7919,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7690,14 +7943,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7708,7 +7961,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7721,27 +7974,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7757,13 +8010,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8001,17 +8254,15 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:211 -#, fuzzy -#| msgid "<option>use_authtok</option>" msgid "<option>try_cert_auth</option>" -msgstr "<option>use_authtok</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:215 msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -8024,10 +8275,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:231 -#, fuzzy -#| msgid "<option>quiet</option>" msgid "<option>require_cert_auth</option>" -msgstr "<option>quiet</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:235 @@ -8062,13 +8311,22 @@ msgstr "" "Es proporcionen tots els tipus de mòduls (<option>account</option>, " "<option>auth</option>, <option>password</option> i <option>session</option>)." +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "FITXERS" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -8080,7 +8338,7 @@ msgstr "" "instruccions sobre com es restableix una contrasenya." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -8100,7 +8358,7 @@ msgstr "" "únicament han de tenir els permisos de lectura." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8153,34 +8411,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -8188,7 +8456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -8201,7 +8469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8213,20 +8481,29 @@ msgstr "" "del Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9383,7 +9660,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booleà)" @@ -9398,7 +9675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9413,12 +9690,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9439,12 +9716,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9468,17 +9745,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9486,7 +9763,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -9513,7 +9790,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (enter)" @@ -9526,12 +9803,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9550,62 +9827,60 @@ msgid "Default: False (disabled)" msgstr "Per defecte: False (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 -#, fuzzy -#| msgid "dyndns_update (boolean)" +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" -msgstr "dyndns_update (booleà)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9719,26 +9994,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9757,7 +10032,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "Per defecte: 5 (segons)" @@ -10068,40 +10343,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Aquestes opcions de configuració poden ser presents a una secció de " -"configuració de domini anomenada <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:758 -#, fuzzy -#| msgid "" -#| "NOTE: Must be used in conjunction with the <quote>pam_trusted_users</" -#| "quote> and <quote>pam_public_domains</quote> options. Please see the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more information on these two " -#| "PAM responder options." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"NOTA: Ha d'utilitzar-se juntament amb les opcions <quote>pam_trusted_users</" -"quote> i <quote>pam_public_domains</quote>. Si us plau, vegeu la pàgina del " -"manual de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> per a més informació sobre aquestes " -"dues opcions del contestador del PAM." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:768 @@ -10128,38 +10383,28 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:782 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 -#, fuzzy -#| msgid "ad_site (string)" msgid "ad_site" -msgstr "ad_site (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:788 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:791 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:794 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:803 @@ -10658,10 +10903,8 @@ msgstr "Per defecte: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -#, fuzzy -#| msgid "ad_gpo_map_deny (string)" msgid "ad_gpo_implicit_deny (boolean)" -msgstr "ad_gpo_map_deny (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 @@ -10675,12 +10918,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +#, fuzzy +#| msgid "ad_enable_gc (boolean)" +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "ad_enable_gc (booleà)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10688,12 +10948,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10701,14 +10961,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10718,7 +10978,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10730,42 +10990,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "gdm-fingerprint" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10773,7 +11033,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10781,7 +11041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10791,7 +11051,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10803,22 +11063,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "sshd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10826,7 +11086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10834,7 +11094,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10844,7 +11104,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10856,22 +11116,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "ftp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "samba" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10879,14 +11139,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10896,7 +11156,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10908,23 +11168,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "crond" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10932,14 +11192,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10949,7 +11209,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10960,19 +11220,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10982,7 +11242,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10994,29 +11254,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "systemd-user" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11026,12 +11286,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11044,57 +11304,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11102,17 +11362,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11122,12 +11382,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11138,19 +11398,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "Per defecte: 3600 (segons)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11160,12 +11420,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Per defecte: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11173,7 +11433,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11197,7 +11457,7 @@ msgstr "" "ad_domain = exemple.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11209,7 +11469,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11217,7 +11477,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11227,7 +11487,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11652,10 +11912,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "<option>-c</option>,<option>--config</option>" msgid "<option>-g</option>,<option>--genconf</option>" -msgstr "<option>-c</option>,<option>--config</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -11666,10 +11924,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "<option>-s</option>,<option>--stdin</option>" msgid "<option>-s</option>,<option>--genconf-section</option>" -msgstr "<option>-s</option>,<option>--stdin</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -12834,23 +13090,79 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 +#, fuzzy +#| msgid "krb5_confd_path (string)" +msgid "krb5_kdcinfo_lookahead (string)" +msgstr "krb5_confd_path (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:508 +#, fuzzy +#| msgid "" +#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring Kerberos." +msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" +"<quote>krb5</quote> per canviar la contrasenya Kerberos. Vegeu " +"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> per a més informació sobre configurar Kerberos." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +#, fuzzy +#| msgid "" +#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring Kerberos." +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" +"<quote>krb5</quote> per canviar la contrasenya Kerberos. Vegeu " +"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> per a més informació sobre configurar Kerberos." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Per defecte: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:508 +#: sssd-krb5.5.xml:542 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12858,12 +13170,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "krb5_map_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12873,7 +13185,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12883,7 +13195,7 @@ msgstr "" "krb5_map_user = joe:juser,dick:richard\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12903,7 +13215,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12912,7 +13224,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -14278,18 +14590,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-k</option>,<option>--kick</option>" msgid "<option>-k</option>,<option>--pubkey</option>" -msgstr "<option>-k</option>,<option>--kick</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "Set the UID of the user to <replaceable>UID</replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." -msgstr "Estableix l'UID de l'usuari a <replaceable>UID</replaceable>." +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -14440,22 +14748,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:58 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" msgid "" "Please note that some distributions enable the files domain automatically, " "prepending the domain before any explicitly configured domains. See " "enable_files_domain in <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" -"El directori esquemàtic que conté els fitxers i els directoris per copiar al " -"directori inicial, quan el directori inicial de l'usuari es crea amb " -"<citerefentry><refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:67 @@ -17116,21 +17414,13 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "NSS configuration options" msgid "NSS configuration" -msgstr "Opcions de configuració de l'NSS" +msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 -#, fuzzy -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " msgid "fallback_homedir = /home/%d/%u" msgstr "" -"fallback_homedir = /home/%u\n" -" " #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:87 @@ -17244,10 +17534,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "ATENCIÓ SI US PLAU: una versió més antiga de libpcre només suporta la " -#~ "sintaxi Python (?P <name>) a l'etiqueta subpatterns." diff --git a/src/man/po/cs.po b/src/man/po/cs.po index 2c16e3df0b2..5cee9597ffb 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -7,9 +7,9 @@ # Zdenek <chmelarz@gmail.com>, 2017. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2017-09-11 08:53+0000\n" "Last-Translator: Zdenek <chmelarz@gmail.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/sssd/language/" @@ -295,11 +295,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -318,16 +318,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -352,8 +352,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -368,7 +368,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "" @@ -448,7 +448,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "" @@ -468,12 +468,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -481,39 +481,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -637,10 +637,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -783,12 +783,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -872,7 +872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -948,8 +948,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -1009,8 +1009,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1087,7 +1087,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1105,7 +1105,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "" @@ -1138,11 +1138,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1151,41 +1151,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1193,23 +1193,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1217,47 +1217,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1265,112 +1265,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1381,96 +1381,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1478,59 +1478,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1539,61 +1539,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1601,7 +1601,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1610,17 +1610,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1628,31 +1628,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1662,75 +1662,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1738,19 +1738,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1758,12 +1758,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1771,77 +1771,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1849,7 +1849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1861,63 +1861,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1925,23 +1925,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1949,7 +1949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1957,7 +1957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1966,12 +1966,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1982,24 +1982,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2009,22 +2009,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2032,51 +2032,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2085,24 +2085,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2113,7 +2113,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2124,24 +2124,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2149,12 +2149,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2163,24 +2163,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2190,66 +2190,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2257,17 +2257,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2275,7 +2275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2283,22 +2283,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2307,14 +2307,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2323,38 +2323,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2363,24 +2363,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2389,29 +2389,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2425,14 +2425,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2441,39 +2441,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2482,19 +2482,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2505,151 +2505,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2657,24 +2657,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2683,17 +2683,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2702,34 +2702,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2737,7 +2737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2745,8 +2745,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2755,8 +2755,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2764,19 +2764,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2785,7 +2785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2793,22 +2793,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2820,7 +2820,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2828,19 +2828,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2848,7 +2848,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2856,35 +2856,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2892,19 +2892,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2913,7 +2913,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2921,29 +2921,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2951,7 +2951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2959,35 +2959,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2995,32 +2995,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3031,7 +3031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3040,12 +3040,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3053,7 +3053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3061,31 +3061,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3093,7 +3093,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3102,17 +3102,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3120,43 +3120,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3164,7 +3164,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3172,7 +3172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3180,24 +3180,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3205,12 +3205,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3220,7 +3220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3230,29 +3230,29 @@ msgstr "" # auto translated by TM merge from project: Fedora Websites, version: fedorahosted.org, DocId: po/fedorahosted #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3260,7 +3260,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3270,59 +3270,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3331,77 +3331,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3409,7 +3409,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3418,17 +3418,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3436,34 +3436,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3471,32 +3471,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3506,47 +3506,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3554,43 +3562,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3598,29 +3678,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3628,12 +3708,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3642,12 +3722,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3655,19 +3735,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3684,7 +3764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3692,17 +3772,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3711,7 +3791,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3721,7 +3801,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3741,12 +3821,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3754,73 +3834,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3828,17 +3908,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3847,17 +3927,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3865,17 +3945,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3883,17 +3963,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3904,64 +3984,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3974,7 +4059,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3982,7 +4067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -3991,55 +4076,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3503 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 +#: sssd.conf.5.xml:3527 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4048,17 +4133,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3542 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4066,26 +4151,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4094,17 +4179,127 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +# auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: po/ipa +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "heslo" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4134,7 +4329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4143,7 +4338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4151,7 +4346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4162,7 +4357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4176,7 +4371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4326,7 +4521,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4421,124 +4616,163 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +msgid "Default: exop" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" # auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: po/ipa #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "heslo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4546,113 +4780,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4661,17 +4895,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4680,17 +4914,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4699,17 +4933,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4718,17 +4952,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4737,17 +4971,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4756,17 +4990,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4774,155 +5008,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4932,7 +5166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4940,51 +5174,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4993,24 +5227,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5018,7 +5252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5027,43 +5261,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5071,14 +5305,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5086,17 +5320,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5104,14 +5338,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5119,17 +5353,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5137,14 +5371,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5152,37 +5386,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5192,106 +5426,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5299,34 +5533,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5334,7 +5568,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5344,7 +5578,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5354,177 +5588,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5532,95 +5766,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5628,7 +5862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5636,12 +5870,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5649,12 +5883,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5665,12 +5899,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5679,12 +5913,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5693,34 +5927,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5728,14 +5962,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5743,17 +5977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5763,12 +5997,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5776,17 +6010,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5794,13 +6028,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5809,7 +6048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5817,26 +6056,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5844,7 +6083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5852,7 +6091,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5860,41 +6099,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5903,32 +6142,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5936,24 +6175,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5961,17 +6200,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5982,29 +6221,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6017,29 +6267,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6047,77 +6297,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6129,7 +6380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6137,7 +6388,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6145,39 +6396,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6187,7 +6438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6195,26 +6446,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6222,7 +6473,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6230,31 +6481,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6263,56 +6514,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6328,12 +6579,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6342,14 +6593,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6358,24 +6609,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6383,19 +6634,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6404,7 +6655,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6412,7 +6663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6421,7 +6672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6429,22 +6680,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6454,14 +6705,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6474,12 +6725,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6489,7 +6740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6499,63 +6750,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6564,74 +6815,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6642,7 +6893,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6650,24 +6901,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6682,12 +6933,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6695,317 +6946,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7014,111 +7275,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7127,32 +7388,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7161,22 +7422,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7185,14 +7446,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7200,7 +7461,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7213,27 +7474,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7249,13 +7510,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7468,7 +7729,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7515,13 +7776,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7529,7 +7799,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7541,7 +7811,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7591,34 +7861,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7626,7 +7906,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7639,7 +7919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7647,20 +7927,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8757,7 +9046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8772,7 +9061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8787,12 +9076,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8813,12 +9102,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8842,17 +9131,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8860,7 +9149,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8887,7 +9176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8900,12 +9189,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8924,60 +9213,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9091,26 +9380,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9129,7 +9418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -10005,12 +10294,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10018,12 +10322,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10031,14 +10335,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10046,7 +10350,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10058,42 +10362,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10101,7 +10405,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10109,7 +10413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10117,7 +10421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10129,22 +10433,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10152,7 +10456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10160,7 +10464,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10168,7 +10472,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10180,22 +10484,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10203,14 +10507,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10218,7 +10522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10230,23 +10534,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10254,14 +10558,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10269,7 +10573,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10280,19 +10584,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10300,7 +10604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10312,29 +10616,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10342,12 +10646,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10360,57 +10664,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10418,17 +10722,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10438,12 +10742,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10454,19 +10758,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10476,12 +10780,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10489,7 +10793,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10504,7 +10808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10513,7 +10817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10521,7 +10825,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10531,7 +10835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10917,10 +11221,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "<option>-h</option>,<option>--help</option>" msgid "<option>-g</option>,<option>--genconf</option>" -msgstr "<option>-h</option>,<option>--help</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -10931,10 +11233,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "<option>-h</option>,<option>--help</option>" msgid "<option>-s</option>,<option>--genconf-section</option>" -msgstr "<option>-h</option>,<option>--help</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -12019,23 +12319,59 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +msgid "Default: 3:1" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12043,12 +12379,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12058,7 +12394,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12066,7 +12402,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12086,7 +12422,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12095,7 +12431,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -13273,10 +13609,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-h</option>,<option>--help</option>" msgid "<option>-k</option>,<option>--pubkey</option>" -msgstr "<option>-h</option>,<option>--help</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 diff --git a/src/man/po/de.po b/src/man/po/de.po index bfb1305b6f2..771cac97203 100644 --- a/src/man/po/de.po +++ b/src/man/po/de.po @@ -8,9 +8,9 @@ # Mario Blättermann <mario.blaettermann@gmail.com>, 2014 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2014-12-14 11:53+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: German (http://www.transifex.com/projects/p/sssd/language/" @@ -322,11 +322,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Voreinstellung: »true«" @@ -345,16 +345,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Voreinstellung: »false«" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -379,8 +379,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Voreinstellung: 10" @@ -395,7 +395,7 @@ msgid "The [sssd] section" msgstr "Der Abschnitt [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "Abschnittsparameter" @@ -484,7 +484,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (Zeichenkette)" @@ -507,12 +507,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -524,32 +524,32 @@ msgstr "" "zusammengestellt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "Domain-Name, wie er durch die SSSD-Konfigurationsdatei angegeben wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -558,7 +558,7 @@ msgstr "" "direkt konfiguriert als auch über IPA-Trust" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -712,10 +712,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -833,38 +833,21 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:509 -#, fuzzy -#| msgid "" -#| "<quote>ipa</quote> to load maps stored in an IPA server. See " -#| "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring IPA." msgid "" "(NSS Version) This option is ignored, please see <citerefentry> " "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> how to import a Certificate Revocation List (CRL) into a NSS " "database." msgstr "" -"»ipa«, um auf einem IPA-Server gespeicherte Abbilder zu laden. Weitere " -"Informationen über die Konfiguration von IPA finden Sie unter <citerefentry> " -"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:518 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "(OpenSSL Version) Use the Certificate Revocation List (CRL) from the given " "file during the verification of the certificate. The CRL must be given in " "PEM format, see <citerefentry> <refentrytitle>crl</refentrytitle> " "<manvolnum>1ssl</manvolnum> </citerefentry> for details." msgstr "" -"Weitere Einzelheiten finden Sie in der Handbuchseite <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> beim Parameter »dns_discovery_domain«." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 @@ -875,12 +858,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -964,7 +947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Voreinstellung: Nicht gesetzt" @@ -1056,8 +1039,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "Voreinstellung: 60" @@ -1117,8 +1100,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Voreinstellung: 300" @@ -1214,7 +1197,7 @@ msgstr "" "Sekunden senken. (0 schaltet diese Funktionalität aus.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "Voreinstellung: 50" @@ -1236,7 +1219,7 @@ msgstr "" "Backend erneut gefragt wird)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "Voreinstellung: 15" @@ -1269,11 +1252,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1282,17 +1265,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "Voreinstellung: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1300,12 +1283,12 @@ msgstr "" "setzen Sie diese Option auf »false«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "fallback_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1314,7 +1297,7 @@ msgstr "" "es nicht explizit durch den Datenanbieter der Domain angegeben wurde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1322,7 +1305,7 @@ msgstr "" "»override_homedir«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1332,25 +1315,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Beispiel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Voreinstellung: nicht gesetzt (kein Ersetzen nicht gesetzter Home-" "Verzeichnisse)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "override_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1361,19 +1344,19 @@ msgstr "" "entweder im Abschnitt [nss] oder für jede Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Voreinstellung: nicht gesetzt (SSSD wird den von LDAP erhaltenen Wert " "benutzen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "allowed_shells (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1381,12 +1364,12 @@ msgstr "" "Reihenfolge der Auswertung ist:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Falls die Shell in »/etc/shells« vorhanden ist, wird sie benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1395,7 +1378,7 @@ msgstr "" "shells« steht, wird der Wert des Parameters »shell_fallback« verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1404,12 +1387,12 @@ msgstr "" "steht, wird eine Nicht-Login-Shell benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1417,13 +1400,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Eine leere Zeichenkette als Shell wird, so wie sie ist, an Libc übergeben." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1432,28 +1415,28 @@ msgstr "" "Fall einer neu installierten Shell ein Neustart von SSSD nötig ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Voreinstellung: nicht gesetzt. Die Benutzer-Shell wird automatisch verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "vetoed_shells (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "ersetzt jedwede Instanz dieser Shells durch die aus »shell_fallback«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "shell_fallback (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1461,17 +1444,17 @@ msgstr "" "auf dem Rechner installiert ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "Voreinstellung: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1481,7 +1464,7 @@ msgstr "" "jede Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1491,12 +1474,12 @@ msgstr "" "Vernünftiges, üblicherweise /bin/sh, ersetzt.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1505,38 +1488,38 @@ msgstr "" "gültig erachtet wird." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "memcache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1547,48 +1530,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Diese Option kann auch pro Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "PAM-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1597,12 +1580,12 @@ msgstr "" "Authentication Module« (PAM) einzurichten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1612,17 +1595,17 @@ msgstr "" "erfolgreichen Anmeldung)?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1631,12 +1614,12 @@ msgstr "" "Authentifizierungsanbieter offline ist?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1646,7 +1629,7 @@ msgstr "" "Anmeldeversuch möglich ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1658,17 +1641,17 @@ msgstr "" "Authentifizierung reaktivieren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "Voreinstellung: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1677,43 +1660,43 @@ msgstr "" "angezeigt werden. Je höher die Zahl, desto mehr Nachrichten werden angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "Derzeit unterstützt SSSD folgende Werte:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: keine Nachricht anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: nur wichtige Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: nur informative Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: alle Nachrichten und Debug-Informationen anzeigen" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "Voreinstellung: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1722,61 +1705,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1788,7 +1771,7 @@ msgstr "" "den neusten Informationen erfolgt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1802,17 +1785,17 @@ msgstr "" "viele Abfragen der Identitätsanbieter zu vermeiden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "zeigt N Tage vor Ablauf des Passworts eine Warnung an." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1823,7 +1806,7 @@ msgstr "" "SSSD keine Warnung anzeigen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1833,7 +1816,7 @@ msgstr "" "automatisch angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1842,17 +1825,17 @@ msgstr "" "emphasis> für eine bestimmte Domain außer Kraft gesetzt werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "Voreinstellung: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1862,75 +1845,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "Voreinstellung: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1938,19 +1921,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1958,12 +1941,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1971,101 +1954,85 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Voreinstellung: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 -#, fuzzy -#| msgid "ldap_page_size (integer)" +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" -msgstr "ldap_page_size (Ganzzahl)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 -#, fuzzy -#| msgid "Comma separated list of users who are allowed to log in." +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." -msgstr "Durch Kommata getrennte Liste von Benutzern, die sich anmelden dürfen." +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 -#, fuzzy, no-wrap -#| msgid "" -#| "user_attributes = +telephoneNumber, -loginShell\n" -#| " " +#: sssd.conf.5.xml:1448 +#, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" " " msgstr "" -"user_attributes = +telephoneNumber, -loginShell\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 -#, fuzzy -#| msgid "" -#| "It is possible to add another attribute to this set by using <quote>" -#| "+attr_name</quote> or explicitly remove an attribute using <quote>-" -#| "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> " -#| "but deny <quote>loginShell</quote>, you would use the following " -#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2075,73 +2042,65 @@ msgid "" "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Es ist möglich, ein weiteres Attribut zu diesem Satz hinzuzufügen, indem Sie " -"<quote>+attr_name</quote> verwenden. Explizit entfernen lässt sich ein " -"Attribut mit <quote>-attr_name</quote>. Um beispielsweise " -"<quote>telephoneNumber</quote> zu erlauben, aber <quote>loginShell</quote> " -"abzuweisen, können Sie folgende Konfiguration verwenden: <placeholder type=" -"\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "pam_id_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "pam_id_timeout (Ganzzahl)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2149,25 +2108,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "ldap_sudo_ip (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "ldap_sudo_ip (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -2175,7 +2132,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2183,7 +2140,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2192,12 +2149,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "Sudo-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2215,12 +2172,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "sudo_timed (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2230,12 +2187,12 @@ msgstr "" "nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2245,23 +2202,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "AUTOFS-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" "Diese Optionen können zum Konfigurieren des Dienstes »autofs« benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2272,23 +2229,23 @@ msgstr "" "nicht existierende), bevor das Backend erneut befragt wird." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "SSH-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" "Diese Optionen können zum Konfigurieren des SSH-Dienstes benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2297,12 +2254,12 @@ msgstr "" "»known_hosts« zusammengemischt werden oder nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2311,17 +2268,17 @@ msgstr "" "»known_hosts« behalten wird, bevor seine Rechnerschlüssel abgefragt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "Voreinstellung: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2330,24 +2287,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "PAC-Responder-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2358,7 +2315,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2369,7 +2326,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2378,18 +2335,18 @@ msgstr "" "diesen Gruppen hinzugefügt." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" "Diese Optionen können zur Konfiguration des PAC-Responders verwendet werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2400,14 +2357,14 @@ msgstr "" "beim Starten zu UIDs aufgelöst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Voreinstellung: 0 (Nur dem Benutzer Root ist der Zugriff auf den PAC-" "Responder gestattet.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2420,24 +2377,24 @@ msgstr "" "der Liste der erlaubten UIDs auch die 0 hinzufügen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2447,66 +2404,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2514,17 +2471,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2532,7 +2489,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2540,22 +2497,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "DOMAIN-ABSCHNITTE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2564,14 +2521,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2580,31 +2537,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2613,7 +2570,7 @@ msgstr "" "enthält, der jenseits dieser Beschränkungen liegt, wird er ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2626,7 +2583,7 @@ msgstr "" "werden jene, die im Bereich liegen, wie erwartet gemeldet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2635,17 +2592,17 @@ msgstr "" "den Zwischenspeicher und nicht nur ihre Rückgabe über Name oder ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Voreinstellung: 1 für »min_id«, 0 (keine Beschränkung) für »max_id«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "enumerate (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2654,29 +2611,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Benutzer und Gruppen werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = keine Aufzählungen für diese Domain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "Voreinstellung: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2690,7 +2647,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2700,7 +2657,7 @@ msgstr "" "Ergebnisse zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2715,7 +2672,7 @@ msgstr "" "benutzten »id_provider«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2724,32 +2681,32 @@ msgstr "" "insbesondere in großen Umgebungen, nicht empfohlen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "Alle entdeckten vertrauenswürdigen Domains werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "Keine der entdeckten vertrauenswürdigen Domains wird aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2763,12 +2720,12 @@ msgstr "" "Domains aktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2777,7 +2734,7 @@ msgstr "" "soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2795,17 +2752,17 @@ msgstr "" "wurden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "Voreinstellung: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2814,19 +2771,19 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "Voreinstellung: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2835,12 +2792,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2849,12 +2806,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2863,12 +2820,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2877,12 +2834,12 @@ msgstr "" "bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2892,24 +2849,24 @@ msgstr "" "wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -2919,49 +2876,49 @@ msgstr "" "abgelaufenen oder beinahe abgelaufenen Daten aktualisiert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Sie können in Betracht ziehen, diesen Wert auf 3/4 * entry_cache_timeout zu " "setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Voreinstellung: 0 (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "cache_credentials (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "bestimmt, ob auch Benutzerberechtigungen im lokalen LDB-Zwischenspeicher " "zwischengespeichert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Benutzerberechtigungen werden in einem SHA512-Hash, nicht im Klartext " "gespeichert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2969,24 +2926,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2999,17 +2956,17 @@ msgstr "" "Parameters muss größer oder gleich »offline_credentials_expiration« sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3022,17 +2979,17 @@ msgstr "" "Authentifizierungsanbieter konfiguriert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Voreinstellung: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "id_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3040,18 +2997,18 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3059,7 +3016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3070,8 +3027,8 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3084,8 +3041,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3097,12 +3054,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3112,7 +3069,7 @@ msgstr "" "Benutzers, der an NSS gemeldet wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3126,7 +3083,7 @@ msgstr "" "test@LOCAL</command> würde ihn hingegen finden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3138,22 +3095,22 @@ msgstr "" "nicht voll qualifizierter Name angefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "gibt beim Nachschlagen der Gruppe nicht die Gruppenmitglieder zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3165,7 +3122,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3173,12 +3130,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "auth_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3187,7 +3144,7 @@ msgstr "" "Authentifizierungsanbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3198,7 +3155,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3210,24 +3167,24 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Authentifizierung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "»local«: SSSDs interner Anbieter für lokale Benutzer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "»none« deaktiviert explizit die Authentifizierung." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3236,12 +3193,12 @@ msgstr "" "mit Authentifizierungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "access_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3252,7 +3209,7 @@ msgstr "" "Backends enthalten sind). Interne Spezialanbieter sind:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3261,12 +3218,12 @@ msgstr "" "für eine lokale Domain." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "»deny« verweigert dem Zugriff immer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3279,7 +3236,7 @@ msgstr "" "simple</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3287,22 +3244,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "Voreinstellung: »permit«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "chpass_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3311,7 +3268,7 @@ msgstr "" "Folgende Anbieter von Passwortänderungen werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3319,7 +3276,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3331,19 +3288,19 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Passwortänderung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "»none« verbietet explizit Passwortänderungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3352,19 +3309,19 @@ msgstr "" "kann mit Passwortänderungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "sudo_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "der für diese Domain benutzte Sudo-Anbieter. Folgende Sudo-Anbieter werden " "unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3375,7 +3332,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3384,7 +3341,7 @@ msgstr "" "Vorgabeeinstellungen für IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3393,19 +3350,19 @@ msgstr "" "Vorgabeeinstellungen für AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "»none« deaktiviert explizit Sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Voreinstellung: Falls gesetzt, wird der Wert von »id_provider« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3422,7 +3379,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3431,12 +3388,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "selinux_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3447,7 +3404,7 @@ msgstr "" "Zugriffsanbieter beendet hat. Folgende SELinux-Anbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3459,12 +3416,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "»none« verbietet explizit das Abholen von SELinux-Einstellungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3473,12 +3430,12 @@ msgstr "" "kann SELinux-Ladeanfragen handhaben." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "subdomains_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3488,7 +3445,7 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3500,7 +3457,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3509,17 +3466,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "»none« deaktiviert explizit das Abholen von Subdomains." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3527,37 +3484,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "autofs_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3565,7 +3522,7 @@ msgstr "" "»autofs« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3577,7 +3534,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3589,7 +3546,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3597,17 +3554,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "»none« deaktiviert explizit »autofs«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "hostid_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3616,7 +3573,7 @@ msgstr "" "wird. Folgende Anbieter von »hostid« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3628,12 +3585,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "»none« deaktiviert explizit »hostid«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3648,7 +3605,7 @@ msgstr "" "(NetBIOS-) Namen der Domain entsprechen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3660,22 +3617,22 @@ msgstr "" "P<Name>[^@\\\\]+)$))« " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "Benutzername@Domain.Name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "Domain\\Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3685,7 +3642,7 @@ msgstr "" "Windows-Domains zu ermöglichen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3695,7 +3652,7 @@ msgstr "" "bedeutet »der Name ist alles bis zum »@«-Zeichen, die Domain alles danach«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3705,17 +3662,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Voreinstellung: »%1$s@%2$s«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "lookup_family_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3723,46 +3680,46 @@ msgstr "" "ermöglicht es, die bei DNS-Abfragen zu bevorzugende Adressfamilie zu wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "unterstützte Werte:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: versucht die IPv4- und, falls dies fehlschlägt, die IPv6-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: versucht, nur Rechnernamen zu IPv4-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: versucht die IPv6- und, falls dies fehlschlägt, die IPv4-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: versucht, nur Rechnernamen zu IPv6-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "Voreinstellung: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3771,25 +3728,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Voreinstellung: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3798,52 +3755,52 @@ msgstr "" "DNS-Dienstabfrage an." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "Voreinstellung: Der Domain-Teil des Rechnernamens wird benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "override_gid (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "überschreibt die Haupt-GID mit der angegebenen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3851,7 +3808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3860,17 +3817,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3878,34 +3835,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3913,32 +3870,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "flacher (NetBIOS-) Name einer Subdomain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3953,7 +3910,7 @@ msgstr "" "verwendet werden. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -3961,17 +3918,17 @@ msgstr "" "überschrieben werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Voreinstellung: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "realmd_tags (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -3979,25 +3936,33 @@ msgstr "" "Kennzeichnungen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4005,43 +3970,121 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"gültige Optionen für Proxy-Domains. <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4053,17 +4096,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "das Proxy-Ziel, an das PAM weiterleitet" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4073,12 +4116,12 @@ msgstr "" "hinzufügen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4089,12 +4132,12 @@ msgstr "" "$(libName)_$(function)«, zum Beispiel »_nss_files_getpwent«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4108,12 +4151,12 @@ msgstr "" "veranlassen, die ID im Zwischenspeicher nachzuschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4121,7 +4164,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4130,12 +4173,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4152,7 +4195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4160,17 +4203,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4179,7 +4222,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4189,7 +4232,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -4209,12 +4252,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "Der Abschnitt lokale Domain" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4225,29 +4268,29 @@ msgstr "" "<replaceable>ID_Anbieter=lokal</replaceable> benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "default_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "die Standard-Shell für Anwender, die mit den SSSD-Werkzeugen für den " "Benutzerbereich erstellt wurde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "Voreinstellung: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "base_directory (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4256,17 +4299,17 @@ msgstr "" "replaceable> und benutzen dies als Home-Verzeichnis." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "Voreinstellung: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "create_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4275,17 +4318,17 @@ msgstr "" "werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "Voreinstellung: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "remove_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4294,12 +4337,12 @@ msgstr "" "entfernt werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "homedir_umask (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4310,17 +4353,17 @@ msgstr "" "Standardzugriffsrechte für ein neu erstelltes Home-Verzeichnis anzugeben." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "Voreinstellung: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "skel_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4333,17 +4376,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry> erstellt wird" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "Voreinstellung: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "mail_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4354,17 +4397,17 @@ msgstr "" "wurde. Ist dies nicht angegeben wird ein Standardwert verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "Voreinstellung: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "userdel_cmd (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4376,17 +4419,17 @@ msgstr "" "berücksichtigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "Voreinstellung: keine, es wird kein Befehl ausgeführt" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4397,64 +4440,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech," +msgstr "ldap_sasl_mech (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4467,25 +4517,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 -#, fuzzy -#| msgid "" -#| "This manual page only describes attribute name mapping. For detailed " -#| "explanation of sudo related attribute semantics, see <citerefentry> " -#| "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -#| "citerefentry>" +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for details)." msgstr "" -"Diese Handbuchseite beschreibt nur das Abbilden von Attributnamen. Eine " -"umfassende Erklärung der Sudo-bezogenen Attributsemantik finden Sie unter " -"<citerefentry> <refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4494,61 +4534,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 -#, fuzzy -#| msgid "auth_provider (string)" +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" -msgstr "auth_provider (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "ldap_deref (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "ldap_deref (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "ad_domain (string)" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "ad_domain (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4557,19 +4591,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "pam_verbosity (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "pam_verbosity (Ganzzahl)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4577,28 +4609,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: homeDirectory" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "Voreinstellung: homeDirectory" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4607,17 +4637,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "KONFIGURATIONSOPTIONEN" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" +"gültige Optionen für Proxy-Domains. <placeholder type=\"variablelist\" id=" +"\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" +"gültige Optionen für Proxy-Domains. <placeholder type=\"variablelist\" id=" +"\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4671,7 +4824,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4680,7 +4833,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4688,7 +4841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4699,7 +4852,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4713,7 +4866,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4900,7 +5053,7 @@ msgstr "" "rfc/rfc2254.txt spezifiziert, sein." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Beispiele:" @@ -5020,53 +5173,98 @@ msgstr "Voreinstellung: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "Derzeit werden vier Schematypen unterstützt:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Voreinstellung: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "der Standard-Bind-Domain-Name, der zum Durchführen von LDAP-Aktionen benutzt " "wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "der Typ des Authentifizierungs-Tokens des Standard-Bind-Domain-Namens" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Die beiden derzeit unterstützten Mechanismen sind:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Voreinstellung: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -5075,72 +5273,72 @@ msgstr "" "nur Klartextpasswörter unterstützt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "die Objektklasse eines Benutzereintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Voreinstellung: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "das LDAP-Attribut, das zum Anmeldenamen des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "das LDAP-Attribut, das zu der ID des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "Voreinstellung: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "das LDAP-Attribut, das zu der Hauptgruppen-ID des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Voreinstellung: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -5148,82 +5346,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "das LDAP-Attribut, das zum Gecos-Feld des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Voreinstellung: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" "das LDAP-Attribut, das den Namen des Home-Verzeichnisses des Benutzers " "enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Voreinstellung: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "das LDAP-Attribut, das den Pfad zur Standard-Shell des Benutzers enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Voreinstellung: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -5232,17 +5430,17 @@ msgstr "" "Dies wird normalerweise nur für Active-Directory-Server benötigt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -5251,17 +5449,17 @@ msgstr "" "übergeordneten Objekt enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "Voreinstellung: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5274,17 +5472,17 @@ msgstr "" "manvolnum> </citerefentry> (Datum der letzten Passwortänderung) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Voreinstellung: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5297,17 +5495,17 @@ msgstr "" "manvolnum> </citerefentry> (Mindestpasswortalter) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Voreinstellung: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5320,17 +5518,17 @@ msgstr "" "manvolnum> </citerefentry> (maximales Passwortalter) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Voreinstellung: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5343,17 +5541,17 @@ msgstr "" "manvolnum> </citerefentry> (Passwortwarnperiode) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Voreinstellung: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5366,17 +5564,17 @@ msgstr "" "manvolnum> </citerefentry> (Passwortinaktivitätsperiode) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Voreinstellung: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5389,17 +5587,17 @@ msgstr "" "manvolnum> </citerefentry> (Ablaufdatum des Kontos) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Voreinstellung: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5410,17 +5608,17 @@ msgstr "" "Passwortänderung in Kerberos gespeichert sind." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Voreinstellung: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5430,17 +5628,17 @@ msgstr "" "das aktuelle Passwort erlischt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Voreinstellung: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -5450,17 +5648,17 @@ msgstr "" "Konto erlischt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Voreinstellung: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5470,17 +5668,17 @@ msgstr "" "Benutzerkontos gespeichert ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Voreinstellung: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5489,17 +5687,17 @@ msgstr "" "legt dieser Parameter fest, ob Zugriff gewährt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "Voreinstellung: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -5508,17 +5706,17 @@ msgstr "" "fest, ob Zugriff gewährt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Voreinstellung: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -5527,12 +5725,12 @@ msgstr "" "fest, bis zu welchem Datum Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -5541,17 +5739,17 @@ msgstr "" "Stunden eines Wochentages fest, in denen Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Voreinstellung: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -5560,17 +5758,17 @@ msgstr "" "Hauptbenutzername) enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Voreinstellung: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -5579,7 +5777,7 @@ msgstr "" "üblichen Benutzerattributen holen soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5596,7 +5794,7 @@ msgstr "" "unterschiedlichen LDAP-Schemata eingerichtet sind." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5608,12 +5806,12 @@ msgstr "" "verwendet wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." @@ -5622,12 +5820,12 @@ msgstr "" "<quote>telephoneNumber</quote> im Zwischenspeicher." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." @@ -5636,28 +5834,28 @@ msgstr "" "<quote>phone</quote> im Zwischenspeicher." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" "das LDAP-Attribut, das die öffentlichen SSH-Schlüssel des Benutzers enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5670,12 +5868,12 @@ msgstr "" "ungleich Null, falls Sie einen Realm in Großbuchstaben wünschen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5684,12 +5882,12 @@ msgstr "" "Zwischenspeicher aufgezählter Datensätze aktualisiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5700,7 +5898,7 @@ msgstr "" "haben) und diese entfernt werden, um Platz zu sparen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5709,44 +5907,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "das LDAP-Attribut, das dem vollständigen Benutzernamen entspricht" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "Voreinstellung: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" "das LDAP-Attribut, das die Gruppenmitgliedschaften des Benutzers aufführt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "Voreinstellung: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5757,7 +5955,7 @@ msgstr "" "im LDAP-Eintrag den Benutzers nutzen, um die Zugriffsrechte zu bestimmen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5766,7 +5964,7 @@ msgstr "" "SSSD eine explizite Erlaubnis (»svc«) und zuletzt nach »allow_all« (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5777,17 +5975,17 @@ msgstr "" "»ldap_user_authorized_service« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Voreinstellung: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5798,7 +5996,7 @@ msgstr "" "verwenden, um die Zugriffsrechte zu bestimmen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -5807,7 +6005,7 @@ msgstr "" "SSSD eine explizite Erlaubnis (»host«) und zuletzt nach »allow_all« (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5818,17 +6016,17 @@ msgstr "" "»ldap_user_authorized_host« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Voreinstellung: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5836,14 +6034,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5851,37 +6049,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5891,82 +6089,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "die Objektklasse eines Gruppeneintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Voreinstellung: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "das LDAP-Attribut, das dem Gruppennamen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "das LDAP-Attribut, das der Gruppen-ID entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "das LDAP-Attribut, das die Namen der Gruppenmitglieder enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Voreinstellung: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5975,17 +6173,17 @@ msgstr "" "wird normalerweise nur für Active-Directory-Server benötigt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -5994,7 +6192,7 @@ msgstr "" "eventuell weitere Flags enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -6005,34 +6203,34 @@ msgstr "" "Domains herausgefiltert werden sollte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6044,7 +6242,7 @@ msgstr "" "das Schema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6061,7 +6259,7 @@ msgstr "" "erfolgt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6071,12 +6269,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Voreinstellung: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6086,76 +6284,76 @@ msgstr "" "und neuere Versionen ausgeführt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "die Objektklasse eines Netzgruppeneintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_object_class« benutzt " "werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "Voreinstellung: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "das LDAP-Attribut, das dem Netzgruppennamen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_name« benutzt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "das LDAP-Attribut, das die Namen der Netzgruppenmitglieder enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_member« benutzt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "Voreinstellung: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -6163,96 +6361,96 @@ msgstr "" "enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "Diese Option ist für IPA-Anbieter nicht verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "Voreinstellung: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "Voreinstellung: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " "Rechnerobjekte" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6262,47 +6460,47 @@ msgstr "" "unter »ldap_search_base«." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Voreinstellung: der Wert von <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "die Objektklasse eines Diensteintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "ldap_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -6310,49 +6508,49 @@ msgstr "" "das LDAP-Attribut, das die Namen von Dienstattributen und ihre Alias enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "ldap_service_port (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "das LDAP-Attribut, das den von diesem Dienst verwalteten Port enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "Voreinstellung: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" "das LDAP-Attribut, das die von diesem Dienst verstandenen Protokolle enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "Voreinstellung: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6363,7 +6561,7 @@ msgstr "" "Ergebnisse zurückgegeben werden (und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6374,12 +6572,12 @@ msgstr "" "Zeitüberschreitungspunkten für spezielle Nachschlagetypen ersetzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6391,12 +6589,12 @@ msgstr "" "(und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6413,12 +6611,12 @@ msgstr "" "citerefentry> zurückkehrt, falls keine Aktivität stattfindet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6427,12 +6625,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6446,17 +6644,17 @@ msgstr "" "Lebensdauer) verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "Voreinstellung: 900 (15 Minuten)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6466,17 +6664,17 @@ msgstr "" "pro Anfrage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "Voreinstellung: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6488,7 +6686,7 @@ msgstr "" "deaktiviert ist oder sich nicht ordnungsgemäß verhält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6498,7 +6696,7 @@ msgstr "" "aber nicht in der Lage, es zu benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6510,17 +6708,17 @@ msgstr "" "abgelehnt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "deaktiviert die Bereichsabfrage von Active Directory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6536,12 +6734,12 @@ msgstr "" "es so aussehen, als ob große Gruppen keine Mitglieder hätten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6552,19 +6750,19 @@ msgstr "" "Werte dieser Option werden durch OpenLDAP definiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Voreinstellung: verwendet die Voreinstellungen des System (normalerweise in " "»ldap.conf« angegeben)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6576,15 +6774,18 @@ msgstr "" "nachgeschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" -"Sie können dereferenzierendes Nachschlagen komplett ausschalten, indem Sie " -"den Wert auf 0 setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6597,7 +6798,7 @@ msgstr "" "unterstützten Server sind 389/RHDS, OpenLDAP und Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6608,12 +6809,12 @@ msgstr "" "Nachschlagen ohne Rücksicht auf die Einstellung deaktiviert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6623,7 +6824,7 @@ msgstr "" "Werte angegeben werden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6632,7 +6833,7 @@ msgstr "" "oder anfordern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6644,7 +6845,7 @@ msgstr "" "Sitzung fährt normal fort." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6655,7 +6856,7 @@ msgstr "" "ungültiges Zertifikat bereitgestellt wird, wird die Sitzung sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6666,22 +6867,22 @@ msgstr "" "sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = entspricht »demand«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "Voreinstellung: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6690,7 +6891,7 @@ msgstr "" "die <command>sssd</command> erkennen wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6699,12 +6900,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6718,33 +6919,33 @@ msgstr "" "Erstellen der korrekten Namen verwendet werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "gibt die Datei an, die das Zertifikat für den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "gibt die Datei an, die den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6752,12 +6953,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6766,12 +6967,12 @@ msgstr "" "\">tls</systemitem> benutzen muss, um den Kanal abzusichern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6783,19 +6984,19 @@ msgstr "" "verlassen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Derzeit unterstützt diese Funktionalität nur das Abbilden von Active-" "Directory-ObjectSIDs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6814,31 +7015,46 @@ msgstr "" "Abbildung von IDs wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "Voreinstellung: nicht gesetzt (beide Optionen sind auf 0 gesetzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +#, fuzzy +#| msgid "" +#| "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +#| "supported." msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." msgstr "" "gibt an, welcher SASL-Mechanismus benutzt werden soll. Derzeit ist nur " "GSSAPI getestet und wird unterstützt." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6851,42 +7067,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 -#, fuzzy -#| msgid "" -#| "Specify the SASL authorization id to use. When GSSAPI is used, this " -#| "represents the Kerberos principal used for authentication to the " -#| "directory. This option can either contain the full principal (for " -#| "example host/myhost@EXAMPLE.COM) or just the principal name (for example " -#| "host/myhost)." -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." -msgstr "" -"gibt an, welche SASL-Berechtigungs-ID benutzt werden soll. Wenn GSSAPI " -"verwendet wird, steht dies für den Kerberos-Principal, der für die " -"Authentifizierung zum Verzeichnis benutzt wird. Diese Option kann entweder " -"den vollständigen Principal (zum Beispiel Rechner/MeinRechner@EXAMPLE.COM) " -"oder nur den Namen des Principals (zum Beispiel Rechner/MeinRechner) " -"enthalten." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1772 +msgid "" +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "Voreinstellung Rechner/MeinRechner@BEREICH" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6897,17 +7100,17 @@ msgstr "" "»ldap_sasl_authid« ebenfalls den Realm enthält, wird diese Option ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "Voreinstellung: der Wert von »krb5_realm«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6917,66 +7120,76 @@ msgstr "" "Bind in eine kanonische Form zu bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "Voreinstellung: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +#, fuzzy +#| msgid "Specify the keytab to use when using SASL/GSSAPI." +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "gibt die Keytab an, wenn SASL/GSSAPI benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Voreinstellung: Keytab des Systems, normalerweise <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 +#, fuzzy +#| msgid "" +#| "Specifies that the id_provider should init Kerberos credentials (TGT). " +#| "This action is performed only if SASL is used and the mechanism selected " +#| "is GSSAPI." msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" "gibt an, dass der »id_provider« Kerberos-Anmeldedaten (TGT) initialisieren " "soll. Diese Aktion wird nur durchgeführt, falls SASL benutzt wird und der " "ausgewählte Mechnaismus GSSAPI ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +#, fuzzy +#| msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" "gibt die Lebensdauer eines TGT in Sekunden an, falls GSSAPI benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "Voreinstellung: 86400 (24 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6995,7 +7208,7 @@ msgstr "" "Weitere Informationen finden Sie im Abschnitt »DIENSTSUCHE«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -7006,7 +7219,7 @@ msgstr "" "Protokoll angeben. Falls keine gefunden werden, weicht es auf _tcp aus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7018,29 +7231,31 @@ msgstr "" "migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +#, fuzzy +#| msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "gibt den Kerberos-REALM an (für SASL/GSSAPI-Authentifizierung)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Voreinstellung: Systemvoreinstellungen, siehe <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -7050,12 +7265,12 @@ msgstr "" "Kerberos >= 1.7 verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7071,7 +7286,7 @@ msgstr "" "manvolnum> </citerefentry> einrichten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7082,12 +7297,12 @@ msgstr "" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7096,7 +7311,7 @@ msgstr "" "Passworts abgeschätzt werden soll. Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7105,7 +7320,7 @@ msgstr "" "kann keine Server-seitigen Passwortregelwerke deaktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -7116,7 +7331,7 @@ msgstr "" "manvolnum></citerefentry>, um abzuschätzen, ob das Passwort erloschen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7128,7 +7343,7 @@ msgstr "" "Passwort geändert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -7138,17 +7353,17 @@ msgstr "" "festgelegten Regel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "gibt an, ob automatische Verweisverfolgung aktiviert werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7157,7 +7372,7 @@ msgstr "" "mit OpenLDAP Version 2.4.13 oder höher kompiliert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7171,28 +7386,28 @@ msgstr "" "merkliche Leistungsverbesserung bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "gibt an, welcher Dienstname bei aktivierter Dienstsuche benutzt werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "Voreinstellung: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7201,17 +7416,17 @@ msgstr "" "soll, der Passwortänderungen bei aktivierter Dienstsuche ermöglicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Voreinstellung: nicht gesetzt, d.h. Dienstsuche ist deaktiviert" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7220,12 +7435,12 @@ msgstr "" "Passwortänderung mit Unix-Zeit geändert wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7255,12 +7470,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "Beispiel:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7272,7 +7487,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7281,7 +7496,7 @@ msgstr "" "beschränkt, deren employeeType-Attribut auf »admin« gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7290,17 +7505,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "Voreinstellung: leer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7309,7 +7524,7 @@ msgstr "" "Zugriffssteuerungsattribute aktiviert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7320,12 +7535,12 @@ msgstr "" "einem geeigneten Fehlercode zurückweisen, wenn das Passwort korrekt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7334,7 +7549,7 @@ msgstr "" "»ldap_user_shadow_expire«, um zu bestimmen, ob das Konto abgelaufen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7347,7 +7562,7 @@ msgstr "" "gewährt. Außerdem wird die Ablaufzeit des Kontos geprüft." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7358,7 +7573,7 @@ msgstr "" "Zugriff erlaubt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7371,7 +7586,7 @@ msgstr "" "Zugriff gewährt wird. Falls diese Attribute fehlen, wird Zugriff erteilt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7382,24 +7597,24 @@ msgstr "" "»ldap_account_expire_policy« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "ldap_access_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "durch Kommata getrennte Liste von Zugriffssteuerungsoptionen. Folgende Werte " "sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: verwendet »ldap_access_filter«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7409,14 +7624,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7429,12 +7644,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: verwendet »ldap_account_expire_policy«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7444,7 +7659,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7454,20 +7669,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7476,33 +7691,33 @@ msgstr "" "»authorizedService«, um zu bestimmen, ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: verwendet das Attribut »host«, um zu bestimmen, " "ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "Voreinstellung: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7511,12 +7726,12 @@ msgstr "" "mehr als einmal benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7525,22 +7740,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "ldap_deref (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7549,12 +7764,12 @@ msgstr "" "folgenden Optionen sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: Alias werden nie dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7564,7 +7779,7 @@ msgstr "" "Suche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7573,7 +7788,7 @@ msgstr "" "der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7582,7 +7797,7 @@ msgstr "" "Orten des Basisobjekts der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7591,12 +7806,12 @@ msgstr "" "<emphasis>never</emphasis> gehandhabt.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7605,7 +7820,7 @@ msgstr "" "beizubehalten, die das Schema RFC2307 benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7623,7 +7838,7 @@ msgstr "" "getpw*() oder initgroups() abzurufen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7634,24 +7849,24 @@ msgstr "" "die lokalen Benutzer um zusätzliche LDAP-Gruppen erweitert werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7671,12 +7886,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "SUDO-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7687,52 +7902,52 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "die Objektklasse eines Sudo-Regeleintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "Voreinstellung: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "das LDAP-Attribut, das dem Namen der Sudo-Regel entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "das LDAP-Attribut, das dem Namen des Befehls entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "Voreinstellung: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7741,17 +7956,17 @@ msgstr "" "Netzwerk oder des Netzwerkgruppe des Rechners) entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "Voreinstellung: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7760,32 +7975,32 @@ msgstr "" "oder der Netzwerkgruppe des Benutzers) entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "Voreinstellung: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "das LDAP-Attribut, das den Sudo-Optionen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "Voreinstellung: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7794,17 +8009,17 @@ msgstr "" "ausgeführt werden können" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "Voreinstellung: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7813,17 +8028,17 @@ msgstr "" "worunter Befehle ausgeführt werden können" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "Voreinstellung: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7832,17 +8047,17 @@ msgstr "" "Sudo-Regel gültig wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "Voreinstellung: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7851,32 +8066,32 @@ msgstr "" "der die Sudo-Regel nicht länger gültig ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "Voreinstellung: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "das LDAP-Attribut, das dem Reihenfolgenindex der Regel entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "Voreinstellung: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7886,7 +8101,7 @@ msgstr "" "heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7895,28 +8110,33 @@ msgstr "" "emphasis> sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "Voreinstellung: 21600 (6 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 +#, fuzzy +#| msgid "" +#| "How many seconds SSSD has to wait before executing a smart refresh of " +#| "sudo rules (which downloads all rules that have USN higher than the " +#| "highest USN of cached rules)." msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" "wie viele Sekunden SSSD warten soll, bevor ein kluges Aktualisieren der Sudo-" "Regeln ausgeführt wird (wodurch alle Regeln, die eine höhere USN als die " "höchste USN der zwischengespeicherten Regeln haben, heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7924,13 +8144,23 @@ msgstr "" "Falls vom Server keine USN-Attribute unterstützt werden, wird stattdessen " "das Attribut »modifyTimestamp« benutzt." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7940,12 +8170,12 @@ msgstr "" "Netzwerkadressen und Rechnernamen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7954,7 +8184,7 @@ msgstr "" "Domain-Namen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7963,8 +8193,8 @@ msgstr "" "voll qualifizierten Domain-Namen automatisch herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7973,17 +8203,17 @@ msgstr "" "emphasis> ist, hat diese Option keine Auswirkungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "Voreinstellung: nicht angegeben" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7992,7 +8222,7 @@ msgstr "" "Netzwerkadressen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -8001,12 +8231,12 @@ msgstr "" "herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -8015,12 +8245,12 @@ msgstr "" "eine Netzgruppe im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -8029,14 +8259,14 @@ msgstr "" "einen Platzhalter im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -8049,87 +8279,87 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "AUTOFS-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "Der Name der Automount-Master-Abbildung in LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "Voreinstellung: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "die Objektklasse eines Automount-Abbildungseintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "der Name eines Automount-Abbildungseintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -8138,24 +8368,24 @@ msgstr "" "Eintrag einem Einhängepunkt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -8168,32 +8398,32 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "ERWEITERTE OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8202,22 +8432,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8226,14 +8456,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "BEISPIEL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8244,7 +8474,7 @@ msgstr "" "gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8257,27 +8487,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8293,13 +8523,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "ANMERKUNGEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8534,17 +8764,15 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:211 -#, fuzzy -#| msgid "<option>use_authtok</option>" msgid "<option>try_cert_auth</option>" -msgstr "<option>use_authtok</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:215 msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -8557,10 +8785,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:231 -#, fuzzy -#| msgid "<option>quiet</option>" msgid "<option>require_cert_auth</option>" -msgstr "<option>quiet</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:235 @@ -8596,13 +8822,22 @@ msgstr "" "<option>password</option> und <option>session</option>) werden " "bereitgestellt." +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "DATEIEN" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -8614,7 +8849,7 @@ msgstr "" "Anweisungen enthalten, wie ein Passwort zurückgesetzt wird." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -8634,7 +8869,7 @@ msgstr "" "Leserechte haben dürfen." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8687,34 +8922,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -8722,7 +8967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -8735,7 +8980,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8747,7 +8992,7 @@ msgstr "" "Ihre Kerberos-Einrichtung widerspiegelt." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -8756,13 +9001,22 @@ msgstr "" "gesetzt ist, werden Debug-Nachrichten an »stderr« gesandt." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9927,7 +10181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "dyndns_update (Boolesch)" @@ -9942,7 +10196,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9964,12 +10218,12 @@ msgstr "" "Konfigurationsdatei migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9998,12 +10252,12 @@ msgid "Default: 1200 (seconds)" msgstr "Voreinstellung: 1200 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "dyndns_iface (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10031,17 +10285,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -10049,7 +10303,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -10084,7 +10338,7 @@ msgstr "" "gefundenen als Sicherungsserver." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (Ganzzahl)" @@ -10100,12 +10354,12 @@ msgstr "" "Diese Option ist optional und nur anwendbar, wenn »dyndns_update« »true« ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10130,12 +10384,12 @@ msgid "Default: False (disabled)" msgstr "Voreinstellung: False (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -10144,50 +10398,48 @@ msgstr "" "DNS-Server verwenden soll" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Voreinstellung: False (lässt Nsupdate das Protokoll auswählen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 -#, fuzzy -#| msgid "dyndns_update (boolean)" +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" -msgstr "dyndns_update (Boolesch)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10314,26 +10566,26 @@ msgstr "" "zu verwenden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -10352,7 +10604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "Voreinstellung: 5 (Sekunden)" @@ -10681,37 +10933,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Diese Konfigurationsoptionen können in einem Abschnitt einer Domain-" -"Konfiguration vorhanden sein, das heißt, in einem Abschnitt namens " -"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder type=" -"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:758 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"Weitere Einzelheiten finden Sie in der Handbuchseite <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> beim Parameter »dns_discovery_domain«." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:768 @@ -10738,10 +10973,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:782 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 @@ -10750,24 +10983,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:788 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:791 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:794 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:803 @@ -11349,10 +11576,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -#, fuzzy -#| msgid "ldap_id_mapping (boolean)" msgid "ad_gpo_implicit_deny (boolean)" -msgstr "ldap_id_mapping (Boolesch)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 @@ -11366,12 +11591,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +#, fuzzy +#| msgid "ad_enable_gc (boolean)" +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "ad_enable_gc (Boolesch)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -11379,12 +11621,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -11392,14 +11634,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -11407,7 +11649,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11419,42 +11661,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11462,7 +11704,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11470,7 +11712,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11478,7 +11720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11490,22 +11732,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11513,7 +11755,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11521,7 +11763,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11529,7 +11771,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11541,22 +11783,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11564,14 +11806,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11579,7 +11821,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11591,23 +11833,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -11615,14 +11857,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -11630,7 +11872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -11641,19 +11883,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -11661,7 +11903,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11673,29 +11915,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11703,12 +11945,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11721,57 +11963,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11779,17 +12021,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11799,12 +12041,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11822,19 +12064,19 @@ msgstr "" "»dyndns_iface« angegeben wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "Voreinstellung: 3600 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11844,12 +12086,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Voreinstellung: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11861,7 +12103,7 @@ msgstr "" "Optionen von AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11885,7 +12127,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11897,7 +12139,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11908,7 +12150,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11918,7 +12160,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12408,10 +12650,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "<option>-c</option>,<option>--config</option>" msgid "<option>-g</option>,<option>--genconf</option>" -msgstr "<option>-c</option>,<option>--config</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -12422,10 +12662,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "<option>-s</option>,<option>--stdin</option>" msgid "<option>-s</option>,<option>--genconf-section</option>" -msgstr "<option>-s</option>,<option>--stdin</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -13711,11 +13949,67 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 +#, fuzzy +#| msgid "krb5_ccachedir (string)" +msgid "krb5_kdcinfo_lookahead (string)" +msgstr "krb5_ccachedir (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:508 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" +"Weitere Informationen über die Locator-Erweiterung finden Sie auf der " +"Handbuchseite <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" +"Weitere Informationen über die Locator-Erweiterung finden Sie auf der " +"Handbuchseite <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Voreinstellung: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:508 +#: sssd-krb5.5.xml:542 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -13725,12 +14019,12 @@ msgstr "" "Abschnitt 5 von RFC 6806." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "Voreinstellung: falsch (AD-Anbieter: wahr)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -13738,12 +14032,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -13753,7 +14047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -13761,7 +14055,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -13787,7 +14081,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -13800,7 +14094,7 @@ msgstr "" "keine Identitätsanbieter." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -15160,22 +15454,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-k</option>,<option>--kick</option>" msgid "<option>-k</option>,<option>--pubkey</option>" -msgstr "<option>-k</option>,<option>--kick</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." msgstr "" -"sucht in der SSSD-Domain nach <replaceable>DOMAIN</replaceable> öffentlichen " -"Schlüsseln für den Rechner." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -15326,20 +15612,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:58 -#, fuzzy -#| msgid "" -#| "The detailed instructions for configuration of sudo_provider are in the " -#| "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry>." msgid "" "Please note that some distributions enable the files domain automatically, " "prepending the domain before any explicitly configured domains. See " "enable_files_domain in <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" -"Detaillierte Anweisungen zur Konfiguration von sudo_provider finden Sie in " -"der Handbuchseite zu <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:67 @@ -18173,21 +18451,13 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "NSS configuration options" msgid "NSS configuration" -msgstr "NSS-Konfigurationsoptionen" +msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 -#, fuzzy -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " msgid "fallback_homedir = /home/%d/%u" msgstr "" -"fallback_homedir = /home/%u\n" -" " #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:87 @@ -18303,114 +18573,7 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "" #~ msgid "" -#~ "PLEASE NOTE: the support for non-unique named subpatterns is not " -#~ "available on all platforms (e.g. RHEL5 and SLES10). Only platforms with " -#~ "libpcre version 7 or higher can support non-unique named subpatterns." -#~ msgstr "" -#~ "BITTE BEACHTEN SIE: Die Unterstützung für nicht eindeutig benannte " -#~ "Musterteile ist nicht auf allen Plattformen (z.B. RHEL5 und SLES10) " -#~ "vorhanden. Nur Plattformen mit Libpcre Version 7 oder höher können nicht " -#~ "eindeutig benannte Musterteile unterstützen." - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "BITTE BEACHTEN SIE AUCH: Ältere Versionen von Libpcre unterstützen für " -#~ "Beschriftungsmusterteile nur die Python-Syntax (?P<Name>)." - -#~ msgid "ldap_groups_use_matching_rule_in_chain" -#~ msgstr "ldap_groups_use_matching_rule_in_chain" - -#~ msgid "" -#~ "This option tells SSSD to take advantage of an Active Directory-specific " -#~ "feature which may speed up group lookup operations on deployments with " -#~ "complex or deep nested groups." -#~ msgstr "" -#~ "Diese Option teilt SSSD mit, dass es den Vorteil einer Active-Directory-" -#~ "spezifischen Funktionalität nutzen soll, die Gruppenachschlageoptionen " -#~ "und Bereitstellungen mit komplexen oder tief verschachtelten Gruppen zu " -#~ "beschleunigen." - -#~ msgid "" -#~ "In most common cases, it is best to leave this option disabled. It " -#~ "generally only provides a performance increase on very complex nestings." -#~ msgstr "" -#~ "In den meisten Fällen ist es am besten, diese Option deaktiviert zu " -#~ "lassen. Normalerweise führt sie nur bei sehr komplexen Verschachtelungen " -#~ "zu einer Leistungssteigerung." - -#~ msgid "" -#~ "If this option is enabled, SSSD will use it if it detects that the server " -#~ "supports it during initial connection. So \"True\" here essentially means " -#~ "\"auto-detect\"." -#~ msgstr "" -#~ "Falls diese Option aktiviert ist und SSSD beim Verbinden feststellt, dass " -#~ "der Server sie unterstützt, wird SSSD sie verwenden. Daher bedeutet hier " -#~ "»True« eigentlich »auto-detect«." - -#~ msgid "" -#~ "Note: This feature is currently known to work only with Active Directory " -#~ "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/" -#~ "library/windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) " -#~ "documentation</ulink> for more details." -#~ msgstr "" -#~ "Hinweis: Es ist bekannt, dass diese Funktionalität derzeit nur mit Active " -#~ "Directory 2008 R1 und neuer funktioniert. Weitere Einzelheiten finden Sie " -#~ "in der <ulink url=\"http://msdn.microsoft.com/en-us/library/windows/" -#~ "desktop/aa746475%28v=vs.85%29.aspx\"> MSDN™-Dokumentation</ulink>." - -#~ msgid "ldap_initgroups_use_matching_rule_in_chain" -#~ msgstr "ldap_initgroups_use_matching_rule_in_chain" - -#~ msgid "" -#~ "This option tells SSSD to take advantage of an Active Directory-specific " -#~ "feature which might speed up initgroups operations (most notably when " -#~ "dealing with complex or deep nested groups)." -#~ msgstr "" -#~ "Diese Option teilt SSSD mit, dass es den Vorteil einer Active-Directory-" -#~ "spezifischen Funktionalität nutzen soll, die möglicherweise Initgroups-" -#~ "Aktionen beschleunigt (vor allem, beim Umgang mit komplexen oder " -#~ "verschachtelten Gruppen)." - -#~ msgid "" -#~ "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> " -#~ "is used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -#~ "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the " -#~ "Kerberos libraries what Realm and which KDC to use. Typically this is " -#~ "done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry> which is always read by the " -#~ "Kerberos libraries. To simplify the configuration the Realm and the KDC " -#~ "can be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> " -#~ "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -#~ "citerefentry>" -#~ msgstr "" -#~ "Das Kerberos Locator-Plugin <command>sssd_krb5_locator_plugin</command> " -#~ "wird vom Kerberos-Anbieter von <citerefentry> <refentrytitle>sssd</" -#~ "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> verwendet, um für " -#~ "die Kerberos-Bibliotheken festzulegen, welcher Realm und KDC verwendet " -#~ "werden soll. Typischerweise geschieht dies in der Datei <citerefentry> " -#~ "<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -#~ "citerefentry>, die immer von den Kerberos-Bibliotheken gelesen wird. Um " -#~ "die Konfiguration zu vereinfachen, können Realm und KDC in der Datei " -#~ "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#~ "manvolnum> </citerefentry> definiert werden, so wie es in der " -#~ "Handbuchseite zu <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry> beschrieben ist." - -#~ msgid "" -#~ "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum> </citerefentry> puts the Realm and the name or IP address of " -#~ "the KDC into the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC " -#~ "respectively. When <command>sssd_krb5_locator_plugin</command> is called " -#~ "by the kerberos libraries it reads and evaluates these variables and " -#~ "returns them to the libraries." +#~ "You can turn off dereference lookups completely by setting the value to 0." #~ msgstr "" -#~ "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum> </citerefentry> legt den Realm und den Namen oder die IP-" -#~ "Adresse der Schlüsselverwaltungszentrale (KDC) in den Umgebungsvariablen " -#~ "SSSD_KRB5_REALM beziehungsweise SSSD_KRB5_KDC ab. Wenn " -#~ "<command>sssd_krb5_locator_plugin</command> durch die Kerberos-" -#~ "Bibliotheken aufgerufen wird, liest es diese Variablen, wertet sie aus " -#~ "und gibt sie an die Bibliotheken zurück." +#~ "Sie können dereferenzierendes Nachschlagen komplett ausschalten, indem " +#~ "Sie den Wert auf 0 setzen." diff --git a/src/man/po/es.po b/src/man/po/es.po index f08fc702eec..0e5467952ed 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -15,10 +15,10 @@ # Emilio Herrera <ehespinosa57@gmail.com>, 2019. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" -"PO-Revision-Date: 2019-02-26 01:23+0000\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" +"PO-Revision-Date: 2019-06-07 03:13+0000\n" "Last-Translator: Emilio Herrera <ehespinosa57@gmail.com>\n" "Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/" "es/)\n" @@ -362,11 +362,11 @@ msgstr "" "habilitado para el registro de la depuración SSSD esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Predeterminado: true" @@ -388,16 +388,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Predeterminado: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -425,8 +425,8 @@ msgstr "" "Advierta que después de tres pulsaciones perdidas el servicio se terminará." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Predeterminado: 10" @@ -441,7 +441,7 @@ msgid "The [sssd] section" msgstr "La sección [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "Parámetros de sección" @@ -542,7 +542,7 @@ msgstr "" "bajos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -567,12 +567,12 @@ msgstr "" "las SECCIONES DOMINIO para mas información sobre estas expresiones regulares." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -584,33 +584,33 @@ msgstr "" "dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" "nombre de dominio como se especifica en el fichero de configuración SSSD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -620,7 +620,7 @@ msgstr "" "medio de IPA de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -787,10 +787,10 @@ msgstr "" "con use_fully_qualified_names fijado a False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -889,15 +889,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:482 -#, fuzzy -#| msgid "" -#| "This option must be used together with " -#| "ocsp_default_responder_signing_cert." msgid "" "(NSS Version) This option must be used together with " "ocsp_default_responder_signing_cert." msgstr "" -"Esta opción debe ser usada junto con ocsp_default_responder_signing_cert." +"(Versión NSS) Esta opción debe ser usada junto con " +"ocsp_default_responder_signing_cert." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:490 @@ -906,19 +903,14 @@ msgstr "ocsp_default_responder_signing_cert=NAME" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:492 -#, fuzzy -#| msgid "" -#| "The nickname of the cert to trust (expected) to sign the OCSP responses. " -#| "The certificate with the given nickname must be available in the systems " -#| "NSS database." msgid "" "(NSS Version) The nickname of the cert to trust (expected) to sign the OCSP " "responses. The certificate with the given nickname must be available in the " "systems NSS database." msgstr "" -"El nickname del certificado en el que confiar (esperado) para firmar las " -"respuestas OCSP. El certificado con el nickname dado debe estar disponible " -"en la base de datos de los sistemas NSS." +"(NSS Version) El apodo del certificado en el que confiar (esperado) para " +"firmar las respuestas OCSP. El certificado con el apodo dado debe estar " +"disponible en la base de datos NSS del sistema." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:497 @@ -931,46 +923,40 @@ msgid "" "(OpenSSL version) This option is currently ignored. All needed certificates " "must be available in the PEM file given by pam_cert_db_path." msgstr "" +"(Versión OpenSSL) Esta opción se ignora actualmente. Todos los certificados " +"necesarios deben estar disponibles en el fichero PEM indicado por " +"pam_cert_db_path." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:507 msgid "crl_file=/PATH/TO/CRL/FILE" -msgstr "" +msgstr "crl_file=/PATH/TO/CRL/FILE" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:509 -#, fuzzy -#| msgid "" -#| "<quote>ipa</quote> to load maps stored in an IPA server. See " -#| "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring IPA." msgid "" "(NSS Version) This option is ignored, please see <citerefentry> " "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> how to import a Certificate Revocation List (CRL) into a NSS " "database." msgstr "" -"<quote>ipa</quote> para cargar mapas almacenados en un servidor IPA. Vea " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> para más información sobre la configuración de " -"IPA." +"(Versión NSS) Esta opción se ignora, por favor vea en <citerefentry> " +"<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" +"citerefentry> como importar una Lista de Revocación de Certificado (CRL) en " +"una base de datos NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:518 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "(OpenSSL Version) Use the Certificate Revocation List (CRL) from the given " "file during the verification of the certificate. The CRL must be given in " "PEM format, see <citerefentry> <refentrytitle>crl</refentrytitle> " "<manvolnum>1ssl</manvolnum> </citerefentry> for details." msgstr "" -"Por favor vea el parámetro <quote>dns_discovery_domain</quote> en la página " -"de manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> para más detalles." +"(Versión OpenSSL) Usa la Lista de Revocación de Certificado (CRL) del " +"fichero dado durante la verificación del certificado. La CRL se debe dar en " +"formato PEM, vea detalles en <citerefentry> <refentrytitle>crl</" +"refentrytitle> <manvolnum>1ssl</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 @@ -984,14 +970,14 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." -msgstr "" +msgstr "Esta página de manual fue generada para la versión NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." -msgstr "" +msgstr "Esta página de manual fue generada para la versión OPENSSL." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:540 @@ -1102,7 +1088,7 @@ msgstr "" "casos donde los nombres de usuarios se deben compartir entre dominios." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Por defecto: No definido" @@ -1198,8 +1184,8 @@ msgstr "" "configura un valor más bajo será ajustado a 10 segundos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "Predeterminado: 60" @@ -1223,7 +1209,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:707 msgid "offline_timeout + random_offset" -msgstr "" +msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:710 @@ -1231,11 +1217,14 @@ msgid "" "The random offset can increment up to 30 seconds. After each unsuccessful " "attempt to go online, the new interval is recalculated by the following:" msgstr "" +"El desplazamiento aleatorio puede ser incrementado a 30 segundos. Después " +"de cada intento fracasado de ir a línea, el nuevo intervalo se re-calcula de " +"la siguiente forma:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:715 msgid "new_interval = old_interval*2 + random_offset" -msgstr "" +msgstr "new_interval = old_interval*2 + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:718 @@ -1244,11 +1233,14 @@ msgid "" "hour. If the calculated length of new_interval is greater than an hour, it " "will be forced to one hour." msgstr "" +"Advierta que la longitud máxima de cada intervalo está limitada actualmente " +"a una hora. Si la longitud calculada de new_interval es mayor de una hora se " +"forzará a una hora." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:729 msgid "responder_idle_timeout" -msgstr "" +msgstr "responder_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:732 @@ -1261,17 +1253,24 @@ msgid "" "built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" +"Esta opción especifica el número de segundos que un proceso contestador SSSD " +"puede estar levantado sin ser usado. Este valor está limitado con el " +"objetivo de evitar el agotamiento de recursos del sistema. El valor mínimo " +"aceptable para esta opción es 60 segundos. Fijar esta opción a 0 (cero) " +"significa que se le ajustarña tiempo de espera al contestador. Esta opción " +"solo tiene efecto cuando SSSD está construido con soporte systemd y cuando " +"los servicios activados son socket o D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Predeterminado: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:751 msgid "cache_first" -msgstr "" +msgstr "cache_first" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:754 @@ -1279,6 +1278,8 @@ msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" +"Esta opción especifica si el contestador consultará todos los caches antes " +"de consultar a los Proveedores de Datos." #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:766 @@ -1358,7 +1359,7 @@ msgstr "" "segundos. (0 deshabilita esta función)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "Predeterminado: 50" @@ -1379,14 +1380,14 @@ msgstr "" "entradas no existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "Predeterminado: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:831 msgid "local_negative_timeout (integer)" -msgstr "" +msgstr "local_negative_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:834 @@ -1395,11 +1396,14 @@ msgid "" "negative cache before trying to look it up in the back end again. Setting " "the option to 0 disables this feature." msgstr "" +"Especifica por cuantos segundos nss_sss mantendría a los usuarios y grupos " +"locales en cache negativo antes de intentar buscarlo en el extremo final " +"otra vez. Fijando la opción a 0 deshabilita esta característica." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:840 msgid "Default: 14400 (4 hours)" -msgstr "" +msgstr "Por defecto: 14400 (4 horas)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:845 @@ -1408,34 +1412,48 @@ msgstr "filter_users, filter_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:848 +#, fuzzy +#| msgid "" +#| "Exclude certain users or groups from being fetched from the sss NSS " +#| "database. This is particularly useful for system accounts. This option " +#| "can also be set per-domain or include fully-qualified names to filter " +#| "only users from the particular domain." msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" +"Excluye a ciertos usuarios o grupos de ser recuperados de la base de datos " +"sss NSS. Esto es particularmente útil para cuentas del sistema. Esta opción " +"puede ser también ajustada por dominio o incluir nombres totalmente " +"cualificados para filtrar solo usuarios de un dominio concreto." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " "NSS. E.g. a group having a member group filtered out will still have the " "member users of the latter listed." msgstr "" +"AVISO: La opción filter_groups no afecta a la herencia de miembros de grupos " +"anidados, puesto que el filtrado sucede después de que hayan sido propagados " +"para volver por medio de NSS. E.g. un grupo que tenga un miembro del grupo " +"filtrado mantendrá los usuarios miembros del listado posterior." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "Predeterminado: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1443,12 +1461,12 @@ msgstr "" "opción a false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "fallback_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1457,7 +1475,7 @@ msgstr "" "especificado una explícitamente por el proveedor de datos del dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1465,7 +1483,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1475,42 +1493,45 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Por defecto: no fijado (sin sustitución para los directorios home no fijados)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "override_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " "or per-domain." msgstr "" +"Anula el shell de acceso para todos los usuarios. Esta opción reemplaza " +"cualquier otra opción de shell si tinene efecto y puede ser fijada bien en " +"la sección [nss] o por dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Por defecto: no fijado (SSSD usará el valor recuperado desde LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "allowed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1518,12 +1539,12 @@ msgstr "" "evaluación es:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Si el shell está presente en <quote>/etc/shells</quote>, se usa." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1532,7 +1553,7 @@ msgstr "" "shells</quote>, usa el valor del parámetro shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1541,25 +1562,28 @@ msgstr "" "shells</quote>, se usará un shell de no acceso." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." -msgstr "" +msgstr "Se puede usar el comodín (*) para permitir cualquier shell." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " "allowed shells in allowed_shells would be to much overhead." msgstr "" +"(*) es útil si usted desea usar shell_fallback en caso de que el shell del " +"usuario no esté en <quote>/etc/shells</quote> y las lista que mantiene todos " +"los shells permitidos en allowed_shells estuviera llena." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "Una cadena vacía para el shell se pasa como-es a libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1569,27 +1593,27 @@ msgstr "" "una nueva shell." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "Por defecto: No fijado. La shell del usuario se usa automáticamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "vetoed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Reemplaza cualquier instancia de estos shells con shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "shell_fallback (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1597,24 +1621,27 @@ msgstr "" "máquina." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "Predeterminado: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" +"El shell por defecto a usar si el proveedor no devuelve uno durante la " +"búsqueda. Esta opción puede ser especificada globalmente en la sección [nss] " +"o por dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1624,12 +1651,12 @@ msgstr "" "normalmente /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1638,38 +1665,45 @@ msgstr "" "considerada válida." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "memcache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" +"Especifica el tiempo en segundos por el cual os registros en la memoria " +"cache serán validos. Fijando esta opción o cero deshabilita la memoria cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" +"PRECAUCIÓN: Deshabilitar la memoria cache puede llevar a un impacto negativo " +"significativo sobre el rendimiento de SSSD y debería ser usado solo para " +"pruebas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" +"AVISO: Si la variable de entorno SSS_NSS_USE_MEMCACHE estça fijada a \"NO\", " +"las aplicaciones clientes no usaran la memoria cache rápida." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" -msgstr "" +msgstr "user_attributes (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1678,50 +1712,63 @@ msgid "" "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for details) but with no default values." msgstr "" +"Algunas de las solicitudes de respuestas adicionales NSS pueden devolver mas " +"atributos que solos los de POXIS definido por el interfaz NSS. La lista de " +"atributos se controla con esta opción. Se maneja de la misma forma que la " +"opción <quote>user_attributes</quote> del contestador InfoPipe (see " +"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> para mas detalles) pero sin valores " +"predeterminados." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" +"Para hacer mas fácil la configuración el contestador NSS comprobará la " +"opción InfoPipe si no está fijada para el contestador NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" -msgstr "" +msgstr "Por defecto: no ajustada, retroceder a opción InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" -msgstr "" +msgstr "pwfield (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" +"El valor que las operaciones NSS que devuelven usuarios o grupos devolverán " +"para el campo <quote>password</quote>." #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Esta opción puede ser también fijada por dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" +"Por defecto: <quote>*</quote> (dominios remotos) o <quote>x</quote> (los " +"ficheros de dominio)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "Opciones de configuración PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1730,12 +1777,12 @@ msgstr "" "Authentication Module (PAM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1744,17 +1791,17 @@ msgstr "" "los accesos escondidos (en días desde el último login en línea con éxito)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "Predeterminado: 0 (Sin límite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1763,12 +1810,12 @@ msgstr "" "login fallados están permitidos." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1778,7 +1825,7 @@ msgstr "" "intento de login sea posible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1789,17 +1836,17 @@ msgstr "" "éxito puede habilitar otra vez la autenticación fuera de línea." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "Predeterminado: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1808,107 +1855,115 @@ msgstr "" "autenticación. Cuanto mayor sea el número de mensajes más aparecen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "Actualmente sssd soporta los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: mostrar todos los mensajes e información de " "depuración" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "Predeterminado: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" -msgstr "" +msgstr "pam_response_filter (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " "responses sent to pam_sss e.g. messages displayed to the user or environment " "variables which should be set by pam_sss." msgstr "" +"Una lista separada por comas de cadenas que permiten borrar (filtrar) datos " +"enviados por el contestador PAM al modulo PAM pam_sss PAM. Hay diferentes " +"clases de respuestas enviadas a pam_sss e.g. mensajes mostrados al usuario o " +"variables de entorno que deberían ser fijadas por pam_sss." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" +"Como los mensajes ya pueden ser controlados con la ayuda de la opción " +"pam_verbosity esta opción permite filtrar otra clase de respuestas también." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" -msgstr "" +msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." -msgstr "" +msgstr "No envía ninguna variable de entorno a ningún servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" -msgstr "" +msgstr "ENV:var_name" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." -msgstr "" +msgstr "No envía la variable de entorno var_name a ningún servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" -msgstr "" +msgstr "ENV:var_name:service" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." -msgstr "" +msgstr "No envía la variable de entorno var_name al servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"Actualmente se soportan los siguientes filtros: <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" -msgstr "" +msgstr "Ejemplo: ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1920,7 +1975,7 @@ msgstr "" "información más actual." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1934,17 +1989,17 @@ msgstr "" "proveedor de identidad." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "Mostrar una advertencia N días antes que la contraseña caduque." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1955,7 +2010,7 @@ msgstr "" "información desaparece, sssd no podrá mostrar un aviso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1965,7 +2020,7 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1974,17 +2029,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "Predeterminado: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" -msgstr "" +msgstr "pam_trusted_users (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1992,205 +2047,234 @@ msgid "" "<quote>pam_public_domains</quote>. User names are resolved to UIDs at " "startup." msgstr "" +"Especifica la lista separada por comas de valores de UID o nombres de " +"usuarios que tienen permitidas conversaciones PAM contra dominios de " +"confianza. Los usuarios no incluidos en esta lista pueden solo acceder a " +"dominios marcadoscomo públicos con <quote>pam_public_domains</quote>. Los " +"nombres de usuarios se resuelven a UIDs en el arranque." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" -msgstr "" +msgstr "Por defecto: Todos los usuarios se consideran de confianza por defecto" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" +"Por favor advierta que la UID 0 siempre permite el acceso al contestador PAM " +"aunque no está en la la lista pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" -msgstr "" +msgstr "pam_public_domains (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" +"Especifica la lista separada por comas de nombres de dominios que son " +"accesibles hasta para los usuarios en los que no se confíe." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" +"Hay definidos dos valores especiales para la opción pam_public_domains:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" +"all (Los usuarios de no confianza están permitidos para acceder a todos los " +"dominios en el contestador PAM.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" +"none (Los usuarios de no confianza no tienen permitido acceder a los " +"dominios PAM en el contestador.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "Predeterminado: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" -msgstr "" +msgstr "pam_account_expired_message (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" +"Permite configurar un mensaje de expiración personalizado, reemplazando el " +"mensaje predeterminado 'Permiso denegado'." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" +"Nota: Por favor tenga cuidado que este mensaje solo se imprime por el " +"servicio SSH a no ser que pam_verbosity esté fijado a 3 (mostrar todos los " +"mensajes e información de depuración)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" " " msgstr "" +"pam_account_expired_message = Cuenta expirada, por favor contacte con la mesa de ayuda.\n" +" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" -msgstr "" +msgstr "pam_account_locked_message (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" +"Permite fijar un mensaje de bloqueo personalizado, reemplazando el mensaje " +"por defecto 'Permiso denegado'." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" " " msgstr "" +"pam_account_locked_message = Cuenta bloqueada, por favor contacte con la mesa de ayuda.\n" +" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" -msgstr "" +msgstr "pam_cert_auth (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " "authentication process this option is disabled by default." msgstr "" +"Habilita un certificado en base a la autenticación Smartcard. Como esto " +"requiere comunicación adicional con la Smartcard lo que dilatará el proceso " +"de autenticación esta opción está deshabilitada por defecto." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Por defecto: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" -msgstr "" +msgstr "pam_cert_db_path (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" +"La ruta a la base de datos de certificado que contiene los módulos PKCS#11 " +"para acceder a la Smartcard." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" -msgstr "" +msgstr "Predeterminado:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" -msgstr "" +msgstr "/etc/pki/nssdb (versión NSS, ruta a la base de datos NSS)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" +"/etc/sssd/pki/sssd_auth_ca_db.pem (Versión de OpenSSL, ruta a un fichero con " +"certificados CA de confianza en formato PEM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" -msgstr "" +msgstr "p11_child_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." -msgstr "" +msgstr "Cuantos segundos esperará pam_sss wait para que p11_child finalice." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" -msgstr "" +msgstr "pam_app_services (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" +"Cuales son los servicios PAM que tiene permitido contactar con dominios del " +"tipo <quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 -#, fuzzy -#| msgid "ldap_page_size (integer)" +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" -msgstr "ldap_page_size (entero)" +msgstr "pam_p11_allowed_services (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 -#, fuzzy -#| msgid "Comma separated list of users who are allowed to log in." +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." -msgstr "Lista separada por comas de usuarios a los está permitido el acceso." +msgstr "" +"Una lista separada por comas de nombres de servicios PAM a los que les será " +"permitidos usar Smartcards." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 -#, fuzzy, no-wrap -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " +#: sssd.conf.5.xml:1448 +#, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" " " msgstr "" -"fallback_homedir = /home/%u\n" +"pam_p11_allowed_services = +my_pam_service, -login\n" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2200,123 +2284,155 @@ msgid "" "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +"Es posible añadir otro nombre de servicio PAM al conjunto predeterminado " +"usando <quote>+service_name</quote> o quitar explícitamente nombre de " +"servicio PAM de los predeterminados usando <quote>-service_name</quote>. Por " +"ejemplo, con el objetivo de reemplazar un nombre de servicio PAM por " +"autenticación con Smartcards (e.g. <quote>login</quote>) con un nombre de " +"servicio PAM personalizado (e.g. <quote>my_pam_service</quote>), debería " +"usar la siguiente configuración: <placeholder type=\"programlisting\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" +"Predeterminado: el conjunto predeterminado de nombres de servicio PAM " +"incluye:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" -msgstr "" +msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" -msgstr "" +msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" -msgstr "" +msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" -msgstr "" +msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" -msgstr "" +msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" -msgstr "" +msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" -msgstr "" +msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" -msgstr "" +msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" -msgstr "" +msgstr "gnome-screensaver" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "pam_id_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "pam_id_timeout (entero)" +msgstr "p11_wait_for_card_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " "inserted." msgstr "" +"Si se requiere la autenticación con Smartcard cuantos segundos extras se " +"añaden a p11_child_timeout para que el contestador PAM espera hasta que se " +"inserte la Smartcard." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "usuario (cadena)" +msgstr "p11_uri (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 +#, fuzzy +#| msgid "" +#| "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " +#| "selection of devices used for Smartcard authentication. By default SSSD's " +#| "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " +#| "flags is set and read the certificates from the inserted token from the " +#| "first slot found. If multiple readers are connected p11_uri can be use to " +#| "tell p11_child to use a specific reader." msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" +"PKCS#11 URI (vea RFC-7512 para más detalles) que pueden ser usados para " +"restringir la selección de dispositivos que se utilizan para la " +"autenticación Smartcard. Por defecto p11_child de SSSD buscará un espacio " +"PKCS#11 (lector) donde las banderas 'removable' estén fijadas y lee los " +"certificados desde la ficha insertada en el primer espacio encontrado. Si " +"hay múltiples lectores conectados p11_uri se puede usar para decirle a " +"p11_child que use un lector específico." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" " " msgstr "" +"p11_uri = slot-description=My%20Smartcar%20Reader\n" +" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" " " msgstr "" +"p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" +" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " "debug output of p11_child. As an alternative the GnuTLS utility 'p11tool' " "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +"Ejemplo: <placeholder type=\"programlisting\" id=\"0\"/> o <placeholder type=" +"\"programlisting\" id=\"1\"/> Para encontrar la URI adecuada compruebe por " +"favor la salida de depuración de p11_child. Como alternativa la utilidad " +"GnuTLS 'p11tool' con e.g. '--list-all' mostrará PKCS#11 URIs también." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "SUDO opciones de configuración" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2325,14 +2441,21 @@ msgid "" "</citerefentry> are in the manual page <citerefentry> <refentrytitle>sssd-" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" +"Se pueden usar estas opciones para configurar el servicio sudo. Las " +"instrucciones detalladas para la configuración de <citerefentry> " +"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " +"para trabajar con <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> están en la página de manual " +"<citerefentry> <refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2341,12 +2464,12 @@ msgstr "" "entradas de sudoers dependientes del tiempo." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" -msgstr "" +msgstr "sudo_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2354,24 +2477,30 @@ msgid "" "<quote>full refresh</quote> of sudo rules is triggered instead. This " "threshold number also applies to IPA sudo command and command group searches." msgstr "" +"Número máxio de reflas expiradas que pueden ser refrescadas a la vez. Si el " +"número de reglas expiradas está por debajo del umbral son refrescadas con el " +"mecanismo <quote>refrescar reglas</quote> mechanism. SI se supera el umbral " +"un <quote>refresco total</quote> de reglas sudo se dispara en su lugar. Este " +"umbral también se aplica al comando IPA sudo y a las búsquedas de grupo de " +"comando." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "Opciones de configuración AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2382,22 +2511,22 @@ msgstr "" "existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "Opciones de configuración SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "Estas opciones se pueden usar para configurar el servicio SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2406,12 +2535,12 @@ msgstr "" "known_host. " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2420,43 +2549,51 @@ msgstr "" "después de que se hayan pedido sus claves de host." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "Por defecto: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" -msgstr "" +msgstr "ssh_use_certificate_keys (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " "entry as well. See <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry> for details." msgstr "" +"Si se ajusta a true <command>sss_ssh_authorizedkeys</command> devolverá " +"claves ssh derivadas de la clave pública de los certificados X.509 " +"almacenados en la entrada de usuario también. Vea detalles en <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>1</" +"manvolnum> </citerefentry> for details." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" -msgstr "" +msgstr "ca_db (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +"Ruta al almacenamiento de certificados CA de confianza. Esta opción se usa " +"para validar los certificados de usuario antes de derivar las claves " +"públicas ssh de ellos." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "Opciones de configuración del respondedor PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2465,9 +2602,16 @@ msgid "" "joined to and of remote trusted domains from the local domain controller. If " "the PAC is decoded and evaluated some of the following operations are done:" msgstr "" +"El contestador PAC trabaja junto con el plugin de autorización de datos para " +"MIT Kerberos sssd_pac_plugin.so y un proveedor de sub dominios. El plugin " +"envía los datos PAC durante la autenticación GSSAPI al contestador PAC. El " +"proveedor de sub dominio recoge el SID de dominio y los rangos de ID del " +"dominio al que el cliente se ha unido y de los dominios remotos de confianza " +"desde el controlador local de dominio. Si el PAC es decodificado y evaluado " +"se hacen algunas de las siguientes operaciones:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2476,26 +2620,33 @@ msgid "" "the system defaults are used, but can be overwritten with the default_shell " "parameter." msgstr "" +"Si el usuario remoto no existe en la cache, se crea. Se determina la UID con " +"la ayuda del SID, los dominios de confianza tendrán UPGs y el GID tendrá el " +"mismo valor que la UID. El directorio home se ajusta en base al parámetro " +"subdomain_homedir. La shell estará vacía por defecto, i.e. se usa el sistema " +"predeterminado, pero se puede sustituir con el parámetro default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" +"Si se conocen los SIDs de los grupos de los dominios, se añadirá el usuario " +"a esos grupos." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2505,14 +2656,14 @@ msgstr "" "usuario que tiene el acceso permitido al respondedor PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Por defecto: 0 (sólo el usuario root tiene permitido el acceso al " "respondedor PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2525,24 +2676,27 @@ msgstr "" "lista de UIDs permitidas también." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" -msgstr "" +msgstr "pac_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" +"Tiempo de vida de la entrada PAC en segundos. Tanto como la PAC es válida " +"los datos PAC pueden ser usados para determinar la membresia de grupo de un " +"usuario." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" -msgstr "" +msgstr "Opciones de configuración de la grabación de sesión" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2550,166 +2704,202 @@ msgid "" "they log in on a text terminal. See also <citerefentry> <refentrytitle>sssd-" "session-recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" +"Trabajos de grabación de sesión en conjunto con <citerefentry> " +"<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" +"citerefentry>, una parte del paquete tlog, para registrar lo que los " +"usuarios ven y el tipo cuando ellos lo registran en un terminal de texto. " +"Vea también <citerefentry> <refentrytitle>sssd-session-recording</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." -msgstr "" +msgstr "Se pueden usar estas opciones para configurar la grabación de sesión." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" -msgstr "" +msgstr "scope (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" -msgstr "" +msgstr "\"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." -msgstr "" +msgstr "NO se grabaron usuarios." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" -msgstr "" +msgstr "\"some\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" +"Usuarios/grupos especificados por las opciones <replaceable>users</" +"replaceable> y<replaceable>groups</replaceable> son grabados." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" -msgstr "" +msgstr "\"all\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." -msgstr "" +msgstr "Se graban todos los usuarios." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"Una de las siguientes cadena especifica el alcande de la sesión de " +"grabación: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" -msgstr "" +msgstr "Predeterminado: \"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" -msgstr "" +msgstr "users (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " "replacement, case changes, etc." msgstr "" +"Una lista separada por comas de usuarios que deberían tener la grabación de " +"sesión habilitada. Coincide con los nombres de usuario que son devueltos por " +"NSS. I.e. después de las posibles sustituciones de espacios, cambios de " +"mayúsculas/minúsculas, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." -msgstr "" +msgstr "Predeterminado: Vacío. No hay usuarios coincidentes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" -msgstr "" +msgstr "groups (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " "possible space replacement, case changes, etc." msgstr "" +"Una lista separada por comas de grupos, cuyos miembros tendrían habilitado " +"la grabación de sesión. Coincide con los nombres de grupo devueltos por NSS. " +"I.e. después de los posibles cambios de espacio, cambios de mayúsculas/" +"minúsculas, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " "retrieving and matching the groups the user is member of." msgstr "" +"AVISO: el uso de esta opción (teniéndolo ajustado a cualquiera) tiene un " +"costo considerable de rendimiento, puesto que cada petición sin caché para " +"un usuario requiere a recuperación y el emparejado de los grupos a los que " +"pertenece el usuario." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." -msgstr "" +msgstr "Predeterminado: Vacío. No empareja grupos." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "SECCIONES DE DOMINIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" -msgstr "" +msgstr "domain_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " "be present or generated. Only objects from POSIX domains are available to " "the operating system interfaces and utilities." msgstr "" +"Especifica si el dominio está destinado a ser usado por clientes atentos a " +"POSIX como Name Service Switch o por aplicaciones que no necesitan datos " +"POSIX presentes o generados. Solo los objetos de dominios POSIX están " +"disponibles para las interfaces y utilidades de sistema operativo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" +"Los valores permitidos para esta opción son <quote>posix</quote> y " +"<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>) and the PAM responder." msgstr "" +"Los dominios POSIX son alcanzables por todos los servicios. Los dominios " +"aplicación son solo alcanzables desde el contestador InfoPipe (vea " +"<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>) y el contestador PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" +"AVISO: LOs dominios aplicación actualmente están bien probados solamente con " +"<quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" +"Para una manera fácil de configurar dominios no POSIX, vea la sección " +"<quote>Dominios aplicación</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" -msgstr "" +msgstr "Predeterminado: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2718,7 +2908,7 @@ msgstr "" "está fuera de estos límites, ésta es ignorada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2731,55 +2921,63 @@ msgstr "" "reportados como en espera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" +"Estos límites de ID afectan aunque se guarden entrada en la caché, no solo " +"devolviéndolas por nombre o ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "enumerar (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " "enable enumeration in order for secondary groups to be displayed. This " "parameter can have one of the following values:" msgstr "" +"Determina si un dominio puede ser enumerado, esto es, si el dominio puede " +"listar tods los usuarios y grupos que contiene. Advierta que no requiere " +"habilitar la enumeración con el objetivo de visualizar grupos secundarios. " +"Este parámetros puede tener uno de los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Usuarios y grupos son enumerados" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Sin enumeraciones para este dominio" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "Predeterminado: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" +"Enumerar un dominio requiere que SSSD descargue y almacene TODAS las " +"entradas de usuario y grupo del servidor remoto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2791,9 +2989,19 @@ msgid "" "quote> process becoming unresponsive or even restarted by the internal " "watchdog." msgstr "" +"Aviso: Habilitar la enumeración tiene un impacto moderado en el rendimiento " +"sobre SSSD mientras está corriendo la enumeración. Puede llevar varios " +"minutos después de que SSSD inicie una enumeración completa total. Durante " +"este tiempo, las peticiones individuales de información irán directamente a " +"LDAP, piense que puede ser lento, debido al pesado procesamiento de la " +"enumeración. El guardar gran número de entradas en la caché después de una " +"enumeración completa puede ser también intensiva para la CPU puesto que la " +"membresía debe ser vuelta a computar. Esto puede llevar a que el proceso " +"<quote>sssd_be</quote> no responda o que sea reiniciado por el perro " +"guardián interno." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2803,7 +3011,7 @@ msgstr "" "completen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2817,7 +3025,7 @@ msgstr "" "específico id_provider en uso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2826,46 +3034,50 @@ msgstr "" "especialmente en entornos grandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" -msgstr "" +msgstr "subdomain_enumerate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" -msgstr "" +msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" -msgstr "" +msgstr "Se enumerarán todos los dominios de confianza descubiertos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" -msgstr "" +msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" -msgstr "" +msgstr "No serán enumerados dominios de confianza descubiertos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " "Optionally, a list of one or more domain names can enable enumeration just " "for these trusted domains." msgstr "" +"Si se debe enumerar alguno de los dominios de confianza autodetectados. Los " +"valores soportados son: <placeholder type=\"variablelist\" id=\"0\"/> " +"Opcionalmente, una lista de uno o más nombres de dominio puede habilitar la " +"enumeración solo para estos dominios de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2874,7 +3086,7 @@ msgstr "" "volver a consultar al backend" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2883,19 +3095,26 @@ msgid "" "citerefentry> tool in order to force refresh of entries that have already " "been cached." msgstr "" +"Los sellos de tiempo de expiración de caché son almacenados somo atributos " +"de los objetos individuales en caché. Por lo tanto, el cambio del tiempo de " +"expiración de la caché solo tendrá efecto para las entradas más nuevas o " +"expiradas. Debería ejecutar la herramienta <citerefentry> " +"<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </" +"citerefentry> con el objetivo de forzar el refresco de las entradas que ya " +"están en la caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "Predeterminado: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2904,19 +3123,19 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "Por defecto: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2925,12 +3144,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2939,12 +3158,12 @@ msgstr "" "válidas antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2953,12 +3172,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2967,12 +3186,12 @@ msgstr "" "preguntar al backend otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2981,96 +3200,110 @@ msgstr "" "automontaje válidos antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" -msgstr "" +msgstr "entry_cache_ssh_host_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" +"Cuantos segundos mantener una clave ssh de host después de refrescar. IE " +"cuanto guardar en caché la clave de host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" -msgstr "" +msgstr "refresh_expired_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" +"Especifica cuantos segundos tiene que esperar SSSD antes de disparar una " +"tarea de refresco en segundo plano que refrescará todos los registros " +"expirados o a punto de hacerlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" +"El refresco en segundo plano procesará usuarios grupos y grupos de red en la " +"caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." -msgstr "" +msgstr "Usted puede considerar ajustar este valor a 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" -msgstr "" +msgstr "Predeterminado: 0 (deshabilitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si las credenciales del usuario están también escondidas en el " "cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Las credenciales de usuario son almacenadas en un hash SHA512, no en texto " "plano" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" -msgstr "" +msgstr "cache_credentials_minimal_first_factor_length (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" +"Si se usa 2-Factor-Authentication (2FA) y las credenciales deberían ser " +"guardadas este valor determina la longitud mínima del primer factor de " +"autenticación (contraseña de largo plazo) que debe ser guardado como hash " +"SHA512 en el caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" +"Esto evitaría que los PINs cortos de un esquema de PIN basado en 2FA se " +"guarden en caché lo que les haría objetivos fáciles de ataques de fuerza " +"bruta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" -msgstr "" +msgstr "Predeterminado: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3083,17 +3316,17 @@ msgstr "" "grande o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "Predeterminado: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3106,17 +3339,17 @@ msgstr "" "configurar un proveedor de autorización para el backend." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3124,26 +3357,32 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." -msgstr "" +msgstr "<quote>proxy</quote>: Soporta un proveedor NSS heredado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" +"<quote>local</quote>: Proveedor SSSD interno para usuarios locales " +"(OBSOLETO)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on how to mirror local users and groups into SSSD." msgstr "" +"<quote>files</quote>: Proveedor de FICHEROS. Vea <citerefentry> " +"<refentrytitle>sssd-files</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> para más información sobre como hacer espejo de usuarios y " +"grupos locales en SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3154,8 +3393,8 @@ msgstr "" "información sobre la configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3168,8 +3407,8 @@ msgstr "" "configuración de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3181,12 +3420,12 @@ msgstr "" "Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3196,7 +3435,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3210,30 +3449,34 @@ msgstr "" "command> lo haría." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " "will be searched when an unqualified name is requested." msgstr "" +"AVISO: Esta opción no tiene efecto sobre búsquedas de grupo de red debido a " +"su tendencia a incluir grupos de red anidados sin nombres cualificados. Para " +"grupos de red, se buscará en todos los dominios cuando se pida un no no " +"cualificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" -msgstr "" +msgstr "Predeterminado: FALSE (TRUE si se usa default_domain_suffix)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "No devuelve miembros de grupo para búsquedas de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3243,22 +3486,32 @@ msgid "" "citerefentry>. As an effect, <quote>getent group $groupname</quote> would " "return the requested group as if it was empty." msgstr "" +"Si se fija a TRUE, no se pide el atributo de membresía de grupo al servidor " +"ldap y los miembros no son devueltos cuando se procesan llamadas de " +"búsqueda, como <citerefentry> <refentrytitle>getgrnam</refentrytitle> " +"<manvolnum>3</manvolnum> </citerefentry> o <citerefentry> " +"<refentrytitle>getgrgid</refentrytitle> <manvolnum>3</manvolnum> </" +"citerefentry>. Como efecto, <quote>getent group $groupname</quote> debería " +"devolver el grupo pedido como si estuviera vacío." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " "members." msgstr "" +"Habilitar esta opción puede también hacer acceso a las comprobaciones de " +"proveedor ara membresía de grupo significativamente más rápidas, " +"especialmente para grupos que contienen muchos miembros." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3267,7 +3520,7 @@ msgstr "" "autenticación soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3278,7 +3531,7 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3289,7 +3542,7 @@ msgstr "" "citerefentry> para más información sobre la configuración de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3297,17 +3550,17 @@ msgstr "" "objetivo PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> deshabilita la autenticación explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3316,12 +3569,12 @@ msgstr "" "manejar las peticiones de autenticación." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3332,7 +3585,7 @@ msgstr "" "proveedores especiales internos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3341,12 +3594,12 @@ msgstr "" "sólo permitido para un dominio local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> siempre niega el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3359,30 +3612,35 @@ msgstr "" "configuración del módulo de acceso sencillo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" "citerefentry> for more information on configuring Kerberos." msgstr "" +"<quote>krb5</quote>: .k5login basado en control de acceso. Vea " +"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> para más información sobre la configuración de " +"Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" +"<quote>proxy</quote> para transmitir control de acceso a otro módulo PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "Predeterminado: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3391,15 +3649,19 @@ msgstr "" "el dominio. Los proveedores de cambio de passweord soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring LDAP." msgstr "" +"<quote>ldap</quote> para cambiar una contraseña almacenada en un servidor " +"LDAP. Vea <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la " +"configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3410,7 +3672,7 @@ msgstr "" "citerefentry> para más información sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3418,13 +3680,13 @@ msgstr "" "otros objetivos PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> deniega explícitamente los cambios en la contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3433,18 +3695,18 @@ msgstr "" "puede manejar las peticiones de cambio de password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3455,33 +3717,37 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" +"<quote>ipa</quote> lo mismo que <quote>ldap</quote> pero con ajustes " +"predeterminados IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" +"<quote>ad</quote> lo mismo que <quote>ldap</quote> pero con ajustes " +"predeterminados AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote>deshabilita SUDO explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3490,23 +3756,34 @@ msgid "" "\"ldap_sudo_*\" in <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +"Las instrucciones detalladas para la configuración de sudo_provider están el " +"la página de manual <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>. Hay muchas opciones de " +"configuración que se puden usar para ajustar el comportamiento. Vea por " +"favor \"ldap_sudo_*\" en <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " "<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " "activity in SSSD if you do not want to use sudo with SSSD at all." msgstr "" +"<emphasis>AVISO:</emphasis> Las reglas sudo son periódicamente descargadas " +"en segundo plano a no ser que proveedor sudo esté explícitamente " +"deshabilitado. Ajuste <emphasis>sudo_provider = None</emphasis> para " +"deshabilitatr toda la actividad relacionada con sudo en SSSD si usted no " +"desea usar sudo cn SSSD mas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3517,7 +3794,7 @@ msgstr "" "finalice. Los proveedores selinux soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3529,14 +3806,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> deshabilita ir a buscar los ajustes selinux " "explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3545,12 +3822,12 @@ msgstr "" "manejar las peticiones de carga selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3560,7 +3837,7 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3572,65 +3849,82 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " "the AD provider." msgstr "" +"<quote>ad</quote> para descargar una lista de subdominios desde un servidor " +"Active Directory. Vea <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la " +"configuración del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> deshabilita el buscador de subdominios explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" -msgstr "" +msgstr "session_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " "Commander, which works only with IPA. Supported session providers are:" msgstr "" +"El proveedor que configura y gestiona las tareas relacionadas con la sesión " +"de usuario. La única tarea de usuario que actualmente se provee es la " +"integración con Fleet Commander, que trabaja solo con IPA. Los proveedores " +"de sesiones soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" +"<quote>ipa</quote> para permitir llevar a cabo tareas relacionadas con la " +"sesión de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" +"<quote>none</quote> no lleva a cabo ninguna tarea relacionada con la sesión " +"de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +"Predeterminado: <quote>id_provider</quote> se usa si está ajustado y puede " +"llevar a cabo tareas relacionadas con la sesión de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" +"<emphasis>AVISO:</emphasis> Con el objetivo de tener esta característica " +"trabajando como se espera SSSD se debe correr como \"root\" y o como usuario " +"sin privilegios." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3638,7 +3932,7 @@ msgstr "" "son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3650,7 +3944,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3662,25 +3956,29 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring the AD provider." msgstr "" +"<quote>ad</quote> para cargar mapas almacenados en un servidor AD. Vea " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> para más información sobre como configurar un " +"proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> deshabilita autofs explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3689,7 +3987,7 @@ msgstr "" "proveedores de hostid soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3701,12 +3999,12 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> deshabilita hostid explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3714,9 +4012,14 @@ msgid "" "trust subdomains and Active Directory domains, the flat (NetBIOS) name of " "the domain." msgstr "" +"Expresión regular para este dominio que describe como analizar " +"gramaticalmente la cadena que contiene el nombre de usuario y el dominio en " +"estos componentes. El \"dominio\" puede coincidir bien con el nombre de " +"dominio de configuración SSSD o en el caso de subdominios de confianza IPA y " +"dominios Active Directory, el nombre plano (NetBIOS) del dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3729,22 +4032,22 @@ msgstr "" "nombres de usuario:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "dominio/nombre_de_usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3754,7 +4057,7 @@ msgstr "" "dominios Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3765,7 +4068,7 @@ msgstr "" "el nombre, el dominio es el resto detrás de este signo\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3773,19 +4076,24 @@ msgid "" "consider changing the re_expression value to: <quote>((?P<name>.+)@(?" "P<domain>[^@]+$))</quote>." msgstr "" +"AVISO: Algunos grupos Active Directory, normalmente aquellos que se usan por " +"MS Exchange contienen un signo <quote>@</quote> en el nombre, lo que choca " +"con el valor predeterminado de re_expressionpara los proveedores AD e IPA. " +"Para soportar estos grupos, considere cambiar el valor de re_expression a: " +"<quote>((?P<name>.+)@(?P<domain>[^@]+$))</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Predeterminado: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3794,69 +4102,75 @@ msgstr "" "a usar cuando se lleven a cabo búsquedas DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "Valores soportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "Predeterminado: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " "If this timeout is reached, the domain will continue to operate in offline " "mode." msgstr "" +"Define la cantidad de tiempo (en segundos) a esperar una respuesta de un " +"fallo interno sobre un servicio ntes de asumir que ese servicio es " +"inalcanzable. ISi se alcanza este tiempo de salida, el dominio continuará " +"trabajando en modo offline." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" +"Por favor vea la sección <quote>RECUPERACIÓN DE FALLOS</quote> para más " +"información sobre la resolución del servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Predeterminado: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3865,148 +4179,166 @@ msgstr "" "de dominio de la pregunta al descubridor de servicio DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Predeterminado: Utilizar la parte del dominio del nombre de host del equipo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "override_gid (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "Anula el valor primario GID con el especificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" -msgstr "" +msgstr "case_sensitive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" -msgstr "" +msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" +"Distingue mayúsculas y minúsculas. Este valor es invalido para el proveedor " +"AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" -msgstr "" +msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." -msgstr "" +msgstr "No sensible a mayúsculas minúsculas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" -msgstr "" +msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " "protocol names) are still lowercased in the output." msgstr "" +"Igual que False (no sensible a mayúsculas minúsculas.), pero sin minúsculas " +"en los nombres en el resultado de las operaciones NSS. Advierta que los " +"nombres de alias (y en el caso de servicios también los nombres de " +"protocolo) están en minúsculas en la salida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " "the local provider. </phrase> Possible option values are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"Trata nombres de usuario y de grupo como sensibles a mayúsculas/minúsculas. " +"<phrase condition=\"enable_local_provider\"> En este momento esta opción no " +"está soportada en el proveedor local. </phrase> Los valores de opción " +"posibles son: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" -msgstr "" +msgstr "Predeterminado: True (False para proveedor AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" -msgstr "" +msgstr "subdomain_inherit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " "Currently the following options can be inherited:" msgstr "" +"Especifica una lista de parámetros de configuración que deberían ser " +"heredados por un subdominio. Por favor advierta que solo pueden ser " +"heredados parámetros seleccionados. Actualmente se pueden heredar las " +"siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" -msgstr "" +msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" -msgstr "" +msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" -msgstr "" +msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" -msgstr "" +msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" +"ldap_krb5_keytab (se deberá usar el valor de krb5_keytab si no se ha fijado " +"explícitamente ldap_krb5_keytab)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" " " msgstr "" +"subdomain_inherit = ldap_purge_cache_timeout\n" +" " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" +msgstr "Ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." -msgstr "" +msgstr "Aviso: Esta opción solo trabaja con el proveedor IPA y AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" -msgstr "" +msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." -msgstr "" +msgstr "flat (NetBIOS) nombre de un subdominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4014,9 +4346,15 @@ msgid "" "with <emphasis>subdomain_homedir</emphasis>. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"Use este directorio home como valor predeterminado para todos los " +"subdominios dentro de este dominio en IPA AD de confianza. Vea " +"<emphasis>override_homedir</emphasis> para información sobre los posibles " +"valores. Además de esto, la expansión de abajo sólo puede ser usada con " +"<emphasis>subdomain_homedir</emphasis>. <placeholder type=\"variablelist\" " +"id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -4024,85 +4362,197 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Por defecto: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" -msgstr "" +msgstr "realmd_tags (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" +"Diversas banderas almacenadas por el servicio de configuración realmd para " +"este dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" -msgstr "" +msgstr "cached_auth_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 +#, fuzzy +#| msgid "" +#| "Specifies time in seconds since last successful online authentication for " +#| "which user will be authenticated using cached credentials while SSSD is " +#| "in the online mode." msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" +"Especifica el tiempo en segundos desde la última autenticación en línea con " +"éxito por la cual el usuario será autenticado usando las credenciales en " +"caché mientras SSSD está en modo en línea." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 -msgid "Special value 0 implies that this feature is disabled." +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3059 +msgid "Special value 0 implies that this feature is disabled." +msgstr "El valor especial 0 implica que esta función está deshabilitada." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +"Por favor advierta que si <quote>cached_auth_timeout</quote> es mayor que " +"<quote>pam_id_timeout</quote> el otro extremo podría ser llamado para " +"gestionar <quote>initgroups.</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" +msgstr "auto_private_groups (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +#, fuzzy +#| msgid "" +#| "If this option is enabled, SSSD will automatically create user private " +#| "groups based on user's UID number. The GID number is ignored in this case." +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" +"Si esta opción está habilitada, SSSD creará automáticamente grupos de " +"usuario privado en base al número UID del usuario. El número GID se ignora " +"en este caso." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" +"AVISO: Puesto que el número GID y el grupo privado de usuario se infieren de " +"número UID, no está soportado tener múltiples entrada con los mismos UID o " +"GID con esta opción. En otras palabras, habilitando esta opción se fuerza la " +"unicidad den el espacio de ID." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +#, fuzzy +#| msgid "False" +msgid "false" +msgstr "False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"Opciones válidas para dominios proxy. <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4114,17 +4564,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "El proxy de destino PAM próximo a." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4133,12 +4583,12 @@ msgstr "" "pam existente o crear una nueva y añadir el nombre de servicio aquí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4149,12 +4599,12 @@ msgstr "" "$(function), por ejemplo _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4168,20 +4618,24 @@ msgstr "" "razones de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" -msgstr "" +msgstr "proxy_max_children (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " "slots, which would cause some issues due to the requests being queued." msgstr "" +"Esta opción especifica el número de hijos proxy pre-bifurcados. Es útil para " +"entornor SSSD de alta carga donde sssd puede quedarse sin espacios para " +"hijos disponibles, lo que podría causar errores debido a las peticiones que " +"son encoladas." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4190,12 +4644,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" -msgstr "" +msgstr "Dominios de aplicaciones" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4210,36 +4664,56 @@ msgid "" "<quote>application</quote> optionally inherits settings from a tradition " "SSSD domain." msgstr "" +"SSSD, con su interfaz D-Bus (see <citerefentry> <refentrytitle>sssd-ifp</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) es atractivo para " +"las aplicaciones como puerta de entrada a un directorio LDAP donde se " +"almacenan usuarios y grupos. Sin embargo, de modo distinto al tradicional " +"despliegue SSSD donde todos los usuarios y grupos bien tienen atributos " +"POSIX o esos atributos se pueden inferir desde los Windows SIDs, en muchos " +"casos los usuarios y grupos en el escenario de soporte de la aplicación no " +"tienen atributos POSIX. En lugar de establecer una sección <quote>[domain/" +"<replaceable>NAME</replaceable>]</quote>, el administrador puede configurar " +"una sección <quote>[application/<replaceable>NAME</replaceable>]</quote> que " +"internamente represente un dominio con un tipo <quote>application</quote> " +"que opcionalmente herede ajustes de un dominio SSSD tradicional." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " "application domain and its POSIX sibling domain is set correctly." msgstr "" +"Por favor advierta que el dominio de aplicación debe aún ser habilitado " +"explícitamente en el parámetros <quote>domains</quote> de modo que la orden " +"de búsqueda entre el dominio de aplicación y su dominio POSIX hermano está " +"establecido correctamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" -msgstr "" +msgstr "Parámetros de dominio de aplicación" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" -msgstr "" +msgstr "inherit_from (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " "application settings that augment or override the <quote>sibling</quote> " "domain settings." msgstr "" +"En el dominio tipo SSSD POSIX el dominio de aplicación hereda todos los " +"ajustes. El dominio de aplicación puede además añadir sus propios ajustes a " +"los ajustes de aplicación que aumentan o anulan los ajustes del dominio " +"<quote>hermano</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4247,9 +4721,14 @@ msgid "" "the telephoneNumber attribute, stores it as the phone attribute in the cache " "and makes the phone attribute reachable through the D-Bus interface." msgstr "" +"El siguiente ejemplo ilustra el uso de un dominio de aplicación. En este " +"ajuste, el dominio POSIX está conectado a un servidor LDAP y se usa por el " +"SO a través de un contestador NSS. Además, el dominio de aplicación también " +"pide el atributo telephoneNumber, lo almacena como el atributo phone en la " +"cache y hace al atributo phone alcanzable a través del interfaz D-Bus." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -4267,14 +4746,28 @@ msgid "" "inherit_from = posixdom\n" "ldap_user_extra_attrs = phone:telephoneNumber\n" msgstr "" +"[sssd]\n" +"domains = appdom, posixdom\n" +"\n" +"[ifp]\n" +"user_attributes = +phone\n" +"\n" +"[domain/posixdom]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"[application/appdom]\n" +"inherit_from = posixdom\n" +"ldap_user_extra_attrs = phone:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "La sección de dominio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4285,29 +4778,29 @@ msgstr "" "utiliza <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminado para los usuarios creados con herramientas de " "espacio de usuario SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "Predeterminado: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4317,17 +4810,17 @@ msgstr "" "de inicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "Predeterminado: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4336,17 +4829,17 @@ msgstr "" "Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "Predeterminado: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4355,12 +4848,12 @@ msgstr "" "borrados. Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "homedir_umask (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4371,17 +4864,17 @@ msgstr "" "predeterminados en un directorio de inicio recién creado." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "Predeterminado: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4394,17 +4887,17 @@ msgstr "" "<manvolnum>8</manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "Predeterminado: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4415,17 +4908,17 @@ msgstr "" "Si no se especifica, se utiliza un valor por defecto." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "Predeterminado: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4436,17 +4929,17 @@ msgstr "" "único parámetro. El código de retorno del comando no es tenido en cuenta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "Predeterminado: None, no se ejecuta comando" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" -msgstr "" +msgstr "SECCIÓN DE DOMINIO DE CONFIANZA" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4455,66 +4948,81 @@ msgid "" "domain. Please refer to examples below for explanation. Currently supported " "options in the trusted domain section are:" msgstr "" +"Algunas opciones usadas en la sección dominio puede ser usadas también en la " +"sección dominio de confianza, esto es, en una sección llamada<quote>[domain/" +"<replaceable>DOMAIN_NAME</replaceable>/<replaceable>TRUSTED_DOMAIN_NAME</" +"replaceable>]</quote>. Donde DOMAIN_NAME es el dominio base real. Por favor " +"vea los ejemplos de abajo para una explicación. Actualmente las opciones " +"soportadas en la sección de dominio de confianza son:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," -msgstr "" +msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," -msgstr "" +msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," -msgstr "" +msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," -msgstr "" +msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," -msgstr "" +msgstr "ldap_service_search_base," + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3445 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech," +msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3446 msgid "ad_server," -msgstr "" +msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," -msgstr "" +msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," -msgstr "" +msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" -msgstr "" +msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" +"Para más detalles sobre estas opciones vea su descripción individual en la " +"página de manual." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" -msgstr "" +msgstr "SECCIÓN DE MAPEO DEL CERTIFICADO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4525,159 +5033,304 @@ msgid "" "might be cumbersome or not even possible to do this for the general case " "where local services use PAM for authentication." msgstr "" +"Para permitir la autenticación con Smartcards y certificados SSSD debe ser " +"capaz de mapear los certificados con los usuarios. Esto puede ser hecho " +"añadiendo el certificado completo al objeto LDAP del usuario o a una " +"anulación local. Mientras requierir el uso del certificado completo para " +"usar la característica autenticación Smartcard de SSH (ver <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> para más detalles) puede ser engorroso o no " +"siempre posible de hacer esto en el caso general donde los servicios locales " +"usan autenticación PAM." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 -#, fuzzy -#| msgid "" -#| "This manual page only describes attribute name mapping. For detailed " -#| "explanation of sudo related attribute semantics, see <citerefentry> " -#| "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -#| "citerefentry>" +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for details)." msgstr "" -"Esta página de manual sólo describe el atributo de nombre mapping. Para una " -"explicación detallada de la semántica del atributo relacionada con sudo, vea " -"<citerefentry> <refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>" +"Para hacer que la asignación sea más flexible, se agregaron reglas de " +"asignación y coincidencia a SSSD (ver más detalles en <citerefentry> " +"<refentrytitle>sss-certmap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" "<replaceable>DOMAIN_NAME</replaceable>/<replaceable>RULE_NAME</" "replaceable>]</quote>. In this section the following options are allowed:" msgstr "" +"Un regla de mapeo y coincidencia puede ser añadida a la configuración SSSD " +"en una sección en si misma con un nombre como <quote>[certmap/" +"<replaceable>DOMAIN_NAME</replaceable>/<replaceable>RULE_NAME</" +"replaceable>]</quote>. En esta sección están permitidas las siguientes " +"opciones:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" -msgstr "usuario (cadena)" +msgstr "matchrule (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" +"Solo los certificados de la Smartcard que coincidan con esta regla serán " +"procesados, los demás son ignorados." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" +"Predeterminado: KRB5:<EKU>clientAuth, i.e. solo los certificados que " +"tengan Extended Key Usage <quote>clientAuth</quote>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "usuario (cadena)" +msgstr "maprule (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." -msgstr "" +msgstr "Define como se encuentra un usuario desde un certificado dado." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" +"LDAP:(userCertificate;binary={cert!bin}) para proveedores basados en LDAP " +"como <quote>ldap</quote>, <quote>AD</quote> o <quote>ipa</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" +"El RULE_NAME para el proveedor de <quote>ficheros</quote> que intenta " +"encontrar un usuario con el mismo nombre." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "ad_domain (string)" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "ad_domain (cadena)" +msgstr "domains (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " "supports subdomains this option can be used to add the rule to subdomains as " "well." msgstr "" +"Lista separada por comas de nombrs de dominios a los que la regla debería " +"ser aplicada. Por defecto una regla solo es válida en el dominio configurado " +"en sssd.conf. Si el proveedor soporta subdominios esta opción puede ser " +"usada para añadir la regla a los subdominios también." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" -msgstr "" +msgstr "Predetermiado: el dominio configurado en sssd.conf" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "pam_verbosity (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "pam_verbosity (entero)" +msgstr "priority (entero)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " "priority while <quote>4294967295</quote> is the lowest." msgstr "" +"Valor entero sin signo que define la prioridad de la regla. El número más " +"alto la prioridad más baja. <quote>0</quote> se mantiene para la prioridad " +"más alte mientras que <quote>4294967295</quote> es la más baja." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: homeDirectory" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "Predeterminado: homeDirectory" +msgstr "Predeterminado: la prioridad más baja" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" +"Para hacer la configuración sencilla y reducir la cantidad de opciones de " +"configuración el proveedor de <quote>ficheros</quote> tiene algunas " +"propiedades especiales:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" +"si maprule no está establecido el nombre RULE_NAME se asume como en del " +"usuario coincidente" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " "<quote>(username)</quote> or <quote>({subject_rfc822_name.short_name})</" "quote>" msgstr "" +"si se usa una maprule tanto un único nombre de usuario como una plantilla " +"como <quote>{subject_rfc822_name.short_name}</quote> debe ir entre llaves " +"como e.g. <quote>(username)</quote> or <quote>({subject_rfc822_name." +"short_name})</quote>" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" +msgstr "la opción <quote>domains</quote> es ignorada" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "OPCIONES DE CONFIGURACIÓN" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "contraseña" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" +"Opciones válidas para dominios proxy. <placeholder type=\"variablelist\" id=" +"\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" +"Opciones válidas para dominios proxy. <placeholder type=\"variablelist\" id=" +"\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" -msgstr "" +msgstr "EJEMPLOS" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4731,24 +5384,30 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " "configuring domains for more details. <placeholder type=\"programlisting\" " "id=\"0\"/>" msgstr "" +"1. El siguiente ejemplo muestra una configuración SSSD típica.No describe la " +"configuración de los dominios en si mismos - vea la documentación sobre " +"configuración de dominios para mas detalles. <placeholder type=" +"\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" "use_fully_qualified_names = false\n" msgstr "" +"[domain/ipa.com/child.ad.com]\n" +"use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4757,9 +5416,15 @@ msgid "" "configuration should be used. <placeholder type=\"programlisting\" id=\"0\"/" ">" msgstr "" +"2. El siguiente ejemplo muestra la configuración de confianza IPA AD el " +"bosque AD consta de dos dominios en una estructura padre-hijo. Supone que " +"el dominio IPA (ipa.com) tiene confianza con el dominio AD (ad.com). ad.com " +"tiene dominio hijo (child.ad.com). Para habilitar nombres cortos en el " +"dominio hijo se debería usar la siguiente configuración. <placeholder type=" +"\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4771,9 +5436,17 @@ msgid "" "[certmap/files/myname]\n" "matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$<SUBJECT>^CN=User.Name,DC=MY,DC=DOMAIN$\n" msgstr "" +"[certmap/my.domain/rule_name]\n" +"matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$\n" +"maprule = (userCertificate;binary={cert!bin})\n" +"domains = my.domain, your.domain\n" +"priority = 10\n" +"\n" +"[certmap/files/myname]\n" +"matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$<SUBJECT>^CN=User.Name,DC=MY,DC=DOMAIN$\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4783,6 +5456,14 @@ msgid "" "for this domain and contains a matching rule for the local user " "<quote>myname</quote>. <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +"3. El siguiente ejemplo muestra la configuración para dos reglas de mapeo de " +"certificado. La primera es válida para el dominio configurado <quote>my." +"domain</quote> y adicionalmente para los subdominios <quote>your.domain</" +"quote> y usa el certificado completo en el filtro de búsqueda. El segundo " +"ejemplo es válido para el dominio <quote>files</quote> donde se asume que el " +"proveedor de ficheros se usa por este dominio y contiene la regla de " +"coincidencia para el usuario local <quote>myname</quote>. <placeholder type=" +"\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 @@ -4792,7 +5473,7 @@ msgstr "sssd-ldap" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap.5.xml:17 msgid "SSSD LDAP provider" -msgstr "" +msgstr "Proveedor SSSD LDAP" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:23 @@ -4955,7 +5636,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Ejemplos:" @@ -5075,52 +5756,97 @@ msgstr "Predeterminado: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "Cuatro tipos de esquema son actualmente soportados:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Predeterminado: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "El enlazador DN por defecto a usar para llevar a cabo operaciones LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "El tipo de ficha de autenticación del enlazador DN por defecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Los dos mecanismos actualmente soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Por defecto: contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -5129,156 +5855,162 @@ msgstr "" "actualmente password de texto claro." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "La clase de objeto de una entrada de usuario en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Predeterminado: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" "El atributo LDAP que corresponde al nombre de inicio de sesión del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" -msgstr "" +msgstr "Predeterminado: uid (rfc2307, rfc2307bis e IPA), sAMAccountName (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "El atributo LDAP que corresponde al id de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "Predeterminado: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "El atributo LDAP que corresponde al id del grupo primario del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Predeterminado: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" -msgstr "" +msgstr "ldap_user_primary_group (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" "quote> provider with ID mapping." msgstr "" +"Atributo de grupo primario Active Directory para el mapeo de ID. Advierta " +"que este atributo debería solo ser establecido manualmente si usted está " +"ejecutando el proveedor <quote>ldap</quote> con mapeo ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" -msgstr "" +msgstr "Predeterminado: no establecido (LDAP), primaryGroupID (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "El atributo LDAP que corresponde al campo de gecos del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Predeterminado: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" "El atributo LDAP que contiene el nombre del directorio principal del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Predeterminado: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "El atributo LDAP que contiene la ruta de acceso a la shell predeterminada " "del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Predeterminado: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" -msgstr "" +msgstr "ldap_user_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" +"El atributo LDAP que contiene el UUID/GUID de un objeto de usuario LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" +"Predeterminado: no establecido en caso general, objectGUID para AD e " +"ipaUniqueID para IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -5287,17 +6019,19 @@ msgstr "" "es normalmente sólo necesario para servidores ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" +"Predeterminado: objectSid para ActiveDirectory, no establecido para otros " +"servidores." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -5306,17 +6040,17 @@ msgstr "" "objeto primario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "Predeterminado: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5329,17 +6063,17 @@ msgstr "" "citerefentry> homologo (fecha del último cambio de password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Predeterminado: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5352,17 +6086,17 @@ msgstr "" "citerefentry> homologo (edad mínima del password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Predeterminado: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5375,17 +6109,17 @@ msgstr "" "citerefentry> homologo (edad máxima del password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Predeterminado: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5398,17 +6132,17 @@ msgstr "" "citerefentry> homologo (período de aviso de password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Predeterminado: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5421,17 +6155,17 @@ msgstr "" "citerefentry> homologo (período de inactividad de password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Predeterminado: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5445,17 +6179,17 @@ msgstr "" "expiración de la cuenta)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Predeterminado: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5466,17 +6200,17 @@ msgstr "" "de password en kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Predeterminado: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5486,17 +6220,17 @@ msgstr "" "el password actual." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Predeterminado: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -5505,17 +6239,17 @@ msgstr "" "nombre de un atributo LDAP que almacena el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Predeterminado: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5525,17 +6259,17 @@ msgstr "" "de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Predeterminado: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5544,17 +6278,17 @@ msgstr "" "determina si el acceso está permitido o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "Predeterminado: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -5563,17 +6297,17 @@ msgstr "" "acceso está permitido o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Predeterminado: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -5582,12 +6316,12 @@ msgstr "" "que fecha se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -5596,17 +6330,17 @@ msgstr "" "hora de un día en la semana cuando se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Predeterminado: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -5615,24 +6349,26 @@ msgstr "" "del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Predeterminado: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" -msgstr "" +msgstr "ldap_user_extra_attrs (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" +"Lista separada por comas de atributos LDAP que SSSD debería ir a buscar con " +"el conjunto usual de atributos de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5640,61 +6376,75 @@ msgid "" "verbatim. Using a custom SSSD attribute name might be required by " "environments that configure several SSSD domains with different LDAP schemas." msgstr "" +"La lista puede contener bien nombres de atributo LDAP solamente o tuplas " +"separadas por comas de de nombre de atributo SSSD en caché y nombre de " +"atributo LDAP. En el caso de que solo sed especifique el nombre de atributo " +"LDAP, el atributo se salva al caché literal. El uso de un nombre de " +"atributo SSSD personal puede ser requerido por entornos que configuran " +"varios dominios SSSD con diferentes esquemas LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " "reserved attribute names is used as an extra attribute name." msgstr "" +"Por favor advierta que varios nombres de atributos están reservados por " +"SSSD, notablemente el atributo <quote>name</quote>. SSSD informaría de un " +"error si cualquiera de los nombres de atributo reservados es usado como un " +"nombre de atributo extra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" -msgstr "" +msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" +"Guarda el atributo <quote>telephoneNumber</quote> desde LDAP como " +"<quote>telephoneNumber</quote> al caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" -msgstr "" +msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" +"Guarda el atributo <quote>telephoneNumber</quote> desde LDAP como " +"<quote>phone</quote> al caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "El atributo LDAP que contiene las claves públicas SSH del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" -msgstr "" +msgstr "Predeterminado: sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5707,12 +6457,12 @@ msgstr "" "usar mayúsculas reales." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5721,12 +6471,12 @@ msgstr "" "escondrijo de los registros enumerados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5737,52 +6487,57 @@ msgstr "" "para guardar espacio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " "to detect entries removed from the server and can't be disabled. By default, " "the cleanup task will run every 3 hours with enumeration enabled." msgstr "" +"Estableciendo esta opción a cero deshabilitará la operación de limpieza del " +"caché. Por favor advierta que si la enumeración está habilitada, se requiere " +"la tarea de limpieza con el objetivo de detectar entradas borradas desde el " +"servidor y no pueden ser deshabilitadas. Por defecto, la tarea de limpieza " +"correrá cada tres horas con la enumeración habilitada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "El atributo LDAP que corresponde al nombre completo del usuario." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "Predeterminado: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "El atributo LDAP que lista los afiliación a grupo de usario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "Predeterminado: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5793,7 +6548,7 @@ msgstr "" "usuario para determinar el privilegio de acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5802,25 +6557,28 @@ msgstr "" "permiso explícito (svc) y finalmente permitir todo (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " "ldap_user_authorized_service option to work." msgstr "" +"Por favor advierta que la opcion de configuración ldap_access_order " +"<emphasis>debe</emphasis> incluir <quote>authorized_service</quote> con el " +"objetivo de que la opción ldap_user_authorized_service trabaje." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Predeterminado: iluminada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5831,7 +6589,7 @@ msgstr "" "el privilegio de acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -5840,78 +6598,90 @@ msgstr "" "SSSD para permiso explícito (host) y finalmente permitir todo (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " "ldap_user_authorized_host option to work." msgstr "" +"Por favor advierta que la opción de configuración ldap_access_order " +"<emphasis>debe</emphasis> incluir <quote>host</quote> con el objetivo de que " +"la opción ldap_user_authorized_host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Default: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" -msgstr "" +msgstr "ldap_user_authorized_rhost (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " "privilege. Similarly to host verification process." msgstr "" +"Si access_provider=ldap y ldap_access_order=rhost, SSSD usará la presencia " +"del atributo rhost en la entrada LDAP de usuario para determinar el " +"privilegio de acceso. Similarmente al proceso de verificación de host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" +"Una denegación explícita (!rhost) se resuelve primero. Segundo, SSSD busca " +"permisos explícitos (rhost) y finalmente allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " "ldap_user_authorized_rhost option to work." msgstr "" +"Por favor advierta que la opción de configuración ldap_access_order " +"<emphasis>debe</emphasis> incluir <quote>rhost</quote> con el objetivo de " +"que la opción ldap_user_authorized_rhost trabaje." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" -msgstr "" +msgstr "Predeterminado: rhost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" -msgstr "" +msgstr "ldap_user_certificate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." -msgstr "" +msgstr "Nombre del atributo LDAP que contiene el certificado X509 del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" -msgstr "" +msgstr "Predeterminado: userCertificate;binary" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" -msgstr "" +msgstr "ldap_user_email (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" +"Nombre del atributo LDAP que contiene el correo electrónico del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5919,84 +6689,91 @@ msgid "" "email address then set this option to a nonexistent attribute name in order " "to disable user lookup/login by email." msgstr "" +"Aviso: Si una dirección de correo electrónico de un usuario entra en " +"conflicto con una dirección de correo electrónico o el nombre totalmente " +"cualificado de otro usuario, SSSD no será capaz de servir adecuadamente a " +"esos usuarios. Si por alguna de varias razones los usuarios necesitan " +"compartir la misma dirección de correo electrónico establezca esta opción a " +"un nombre de atributo no existente con elobjetivo de deshabilitar la " +"búsqueda/acceso por correo electrónico." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" -msgstr "" +msgstr "Predeterminado: mail" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "La clase de objeto de una entrada de grupo LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Por defecto: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "El atributo LDAP que corresponde al nombre de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" -msgstr "" +msgstr "Predeterminado: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "El atributo LDAP que corresponde al id del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "El atributo LDAP que contiene los nombres de los miembros del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Valor predeterminado: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" -msgstr "" +msgstr "ldap_group_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" +msgstr "El atributo LDAP que contiene el UUID/GUID de un objeto grupo LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -6005,59 +6782,70 @@ msgstr "" "normalmente sólo necesario para servidores ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" -msgstr "" +msgstr "ldap_group_type (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" +"El atributo LDAP que contiene un valor entero indicando el tipo del grupo y " +"puede ser otras banderas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " "domains." msgstr "" +"Este atributo es actualmente usado por el proveedor AD para determinar si un " +"grupo está en grupos de dominio local y ha de ser sacado de los dominios de " +"confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" +"Predeterminado: groupType en el proveedor AD, de otro modo no establecido" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" -msgstr "" +msgstr "ldap_group_external_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" +"El atributo LDAP que referencia a los miembros de grupo que están definidos " +"en un dominio externo. En este momento, solo se soportan los miembros " +"externos de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" +"Predeterminado: ipaExternalMember en el proveedor IPA, de otro modo no " +"estabecido." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6069,7 +6857,7 @@ msgstr "" "esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6077,9 +6865,15 @@ msgid "" "the deeper nesting levels. Also, subsequent lookups for other groups may " "enlarge the result set for original lookup if re-queried." msgstr "" +"Aviso: Esta opción especifica el nivel garantizado d grupos anidados a ser " +"procesados para cualquier búsqueda. Sin embargo, los grupos anidados detrás " +"de este límite <emphasis>pueden ser</emphasis> devueltos si las búsquedas " +"anteriores ya resueltas en os niveles más profundos de anidamiento. " +"También, las búsquedas subsiguientes para otros grupos pueden agrandar el " +"conjunto de resultados de la búsqueda origina si se requiere." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6087,87 +6881,96 @@ msgid "" "usage of Token-Groups by setting ldap_use_tokengroups to false in order to " "restrict group nesting." msgstr "" +"Si ldap_group_nesting_level está establecido a 0 no se procesan de ninguna " +"manera grupos anidados. Sin embargo, cuando está conectado a Active-" +"Directory Server 2008 y posteriores usando <quote>id_provider=ad</quote> se " +"recomienda además deshabilitar la utilización de Token-Groups estableciendo " +"ldap_use_tokengroups a false con el objetivo de restringir el anidamiento de " +"grupos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Predeterminado: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" +"Esta opción habilita o deshabilita el uso del atributo Token-Groups cuando " +"lleva a cabo un initgroup para usuarios de Active Directory Server 2008 y " +"posteriores." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." -msgstr "" +msgstr "Predeterminado: True para AD e IPA en otro caso False." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "La clase de objeto de una entrada netgroup en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "En proveedor IPA, ipa_netgroup_object_class, se usaría en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "Predeterminado: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "El atributo LDAP que corresponde al nombre del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_name sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "El atributo LDAP que contiene los nombres de los miembros de grupo de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_member sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "Predeterminado: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -6175,94 +6978,94 @@ msgstr "" "de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "Esta opción no está disponible en el proveedor IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "Predeterminado: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" -msgstr "" +msgstr "ldap_host_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." -msgstr "" +msgstr "El objeto clase de una entrada host en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "Por defecto: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" -msgstr "" +msgstr "ldap_host_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." -msgstr "" +msgstr "El atributo LDAP que corresponde al nombre de host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "Opcional. Usa la cadena dada como base de búsqueda para objetos host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6272,47 +7075,47 @@ msgstr "" "de múltiples bases de búsqueda." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "La clase objeto de una entrada de servicio en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "ldap_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -6320,49 +7123,49 @@ msgstr "" "El atributo LDAP que contiene el nombre de servicio de atributos y sus alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "ldap_service_port (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "El atributo LDAP que contiene el puerto manejado por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "Por defecto: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" "El atributo LDAP que contiene los protocolos entendidos por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "Por defecto: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6373,7 +7176,7 @@ msgstr "" "escondidos devueltos (y se entra en modo fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6384,12 +7187,12 @@ msgstr "" "espera para tipos específicos de búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6401,12 +7204,12 @@ msgstr "" "fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6423,12 +7226,12 @@ msgstr "" "citerefentry> vuelve en caso de no actividad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6437,12 +7240,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6455,17 +7258,17 @@ msgstr "" "temprano (este valor contra el tiempo de vida TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "Predeterminado: 900 (15 minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6474,17 +7277,17 @@ msgstr "" "Algunos servidores LDAP hacen cumplir un límite máximo por petición." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "Predeterminado: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6495,7 +7298,7 @@ msgstr "" "RootDSE pero no está habilitado o no se comporta apropiadamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6505,7 +7308,7 @@ msgstr "" "pero es incapaz de usarlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6516,17 +7319,17 @@ msgstr "" "puede ocasionar que algunas peticiones sean denegadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6536,12 +7339,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6552,19 +7355,19 @@ msgstr "" "de esta opción son definidos por OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Por defecto: Usa el sistema por defecto (normalmente especificado por ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6575,15 +7378,18 @@ msgstr "" "deference. Si hay menos miembros desaparecidos, se buscarán individualmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" -"Usted puede quitar las búsquedas dereference completamente fijando el valor " -"a 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6596,7 +7402,7 @@ msgstr "" "soportados son 389/RHDS, OpenLDAP y Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6607,12 +7413,12 @@ msgstr "" "será deshabilitado sin tener en cuenta este ajuste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6622,7 +7428,7 @@ msgstr "" "los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6631,7 +7437,7 @@ msgstr "" "certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6642,7 +7448,7 @@ msgstr "" "certificado malo, será ignorado y la sesión continua normalmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6653,7 +7459,7 @@ msgstr "" "certificado malo, la sesión se termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6664,22 +7470,22 @@ msgstr "" "termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "Predeterminado: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6688,7 +7494,7 @@ msgstr "" "de Certificación que <command>sssd</command> reconocerá." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6697,12 +7503,12 @@ msgstr "" "etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6716,33 +7522,33 @@ msgstr "" "para crear los nombres correctos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "Especifica el fichero que contiene el certificado para la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "Especifica el archivo que contiene la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6750,12 +7556,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6764,12 +7570,12 @@ msgstr "" "<systemitem class=\"protocol\">tls</systemitem> para proteger el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6780,18 +7586,18 @@ msgstr "" "ldap_user_uid_number y ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6802,31 +7608,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +#, fuzzy +#| msgid "" +#| "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +#| "supported." msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." msgstr "" "Especifica el mecanismo SASL a emplear. Actualmente sólo GSSAPI está " "probado y soportado." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6839,40 +7660,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 -#, fuzzy -#| msgid "" -#| "Specify the SASL authorization id to use. When GSSAPI is used, this " -#| "represents the Kerberos principal used for authentication to the " -#| "directory. This option can either contain the full principal (for " -#| "example host/myhost@EXAMPLE.COM) or just the principal name (for example " -#| "host/myhost)." -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." -msgstr "" -"Especifica la id de autorización SASL a usar. Cuando se usa GSSAPI, esto " -"representa el Kerberos principal usado para autenticación al directorio. " -"Esta opción puede contener el principal completo (por ejemplo host/" -"myhost@EXAMPLE.COM) o sólo en nombre principal (por ejemplo host/myhost)." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1772 +msgid "" +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "Por defecto: host/nombre_de_host@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6883,17 +7693,17 @@ msgstr "" "reino también, esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "Por defecto: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6902,65 +7712,75 @@ msgstr "" "para para canocalizar el nombre de host durante una unión SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "Predeterminado: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +#, fuzzy +#| msgid "Specify the keytab to use when using SASL/GSSAPI." +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "Especifica la keytab a usar cuando se utilice SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 +#, fuzzy +#| msgid "" +#| "Specifies that the id_provider should init Kerberos credentials (TGT). " +#| "This action is performed only if SASL is used and the mechanism selected " +#| "is GSSAPI." msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" "Especifica la id de proveedor que iniciaría las credenciales Kerberos (TGT). " "Esta acción se lleva a cabo sólo si SASL se usa y el mecanismo seleccionado " "es GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +#, fuzzy +#| msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "Especifica el tiempo de vida en segundos del TGT si se usa GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "Predeterminado: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6979,7 +7799,7 @@ msgstr "" "información, vea la sección <quote>SERVICE DISCOVERY</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6990,7 +7810,7 @@ msgstr "" "regresa a _tcp si no se encuentra nada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7002,29 +7822,31 @@ msgstr "" "configuración para usar <quote>krb5_server</quote> en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +#, fuzzy +#| msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "Especifica el REALM Kerberos (para autorización SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -7033,12 +7855,12 @@ msgstr "" "servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7048,7 +7870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7056,12 +7878,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7070,7 +7892,7 @@ msgstr "" "del cliente. Los siguientes valores son permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7079,7 +7901,7 @@ msgstr "" "no puede deshabilitar las políticas de password en el lado servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -7090,7 +7912,7 @@ msgstr "" "manvolnum></citerefentry> para evaluar si la contraseña ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7102,26 +7924,26 @@ msgstr "" "password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguimiento de referencias automático debería ser " "habilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7130,7 +7952,7 @@ msgstr "" "está compilado con OpenLDAP versión 2.4.13 o más alta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7143,29 +7965,29 @@ msgstr "" "esta opción a false le llevará a una notable mejora de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nombre del servicio para utilizar cuando está habilitado el " "servicio de descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "Predeterminado: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7175,17 +7997,17 @@ msgstr "" "descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7194,12 +8016,12 @@ msgstr "" "desde el Epoch después de una operación de cambio de contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7215,12 +8037,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "Ejemplo:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7229,14 +8051,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7245,17 +8067,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "Predeterminado: vacío" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7264,7 +8086,7 @@ msgstr "" "control de acceso del lado cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7275,12 +8097,12 @@ msgstr "" "una código de error definible aunque el password sea correcto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "Los siguientes valores están permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7289,7 +8111,7 @@ msgstr "" "determinar si la cuenta ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7302,7 +8124,7 @@ msgstr "" "se comprueba el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7313,7 +8135,7 @@ msgstr "" "el acceso o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7326,7 +8148,7 @@ msgstr "" "permitido. Si ambos atributos están desaparecidos se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7334,24 +8156,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Lista separada por coma de opciones de control de acceso. Los valores " "permitidos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7361,14 +8183,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7381,12 +8203,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7396,7 +8218,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7406,20 +8228,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7428,32 +8250,32 @@ msgstr "" "autorizedService para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: usa el atributo host para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "Predeterminado: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7462,12 +8284,12 @@ msgstr "" "una vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7476,22 +8298,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7500,13 +8322,13 @@ msgstr "" "lleva a cabo una búsqueda. Están permitidas las siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7516,7 +8338,7 @@ msgstr "" "búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7525,7 +8347,7 @@ msgstr "" "cuando se localice el objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7534,7 +8356,7 @@ msgstr "" "para la búsqueda como en la localización del objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7543,12 +8365,12 @@ msgstr "" "librerías cliente LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7557,7 +8379,7 @@ msgstr "" "servidores que usan el esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7575,7 +8397,7 @@ msgstr "" "llamadas getpw*() o initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7586,24 +8408,24 @@ msgstr "" "initgroups() aumentará los usuarios locales con los grupos LDAP adicionales." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7623,12 +8445,12 @@ msgstr "" "completos. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "OPCIONES SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7636,52 +8458,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "El objeto clase de una regla de entrada sudo en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "Por defecto: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "El atributo LDAP que corresponde a la regla nombre de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "El atributo LDAP que corresponde al nombre de comando." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "Por defecto: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7690,17 +8512,17 @@ msgstr "" "red IP del host o grupo de red del host)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "Por defecto: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7709,32 +8531,32 @@ msgstr "" "grupo o grupo de red del usuario)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "Por defecto: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "El atributo LDAP que corresponde a las opciones sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "Por defecto: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7743,17 +8565,17 @@ msgstr "" "pueden ejecutar como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "Por defectot: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7762,17 +8584,17 @@ msgstr "" "ejecutar comandos como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "Por defecto: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7781,17 +8603,17 @@ msgstr "" "regla sudo es válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "Por defecto: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7800,32 +8622,32 @@ msgstr "" "la regla sudo dejará de ser válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "Por defecto: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "El atributo LDAP que corresponde al índice de ordenación de la regla." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "Por defecto: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7835,7 +8657,7 @@ msgstr "" "servidor)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7844,28 +8666,33 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "Por defecto: 21600 (6 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 +#, fuzzy +#| msgid "" +#| "How many seconds SSSD has to wait before executing a smart refresh of " +#| "sudo rules (which downloads all rules that have USN higher than the " +#| "highest USN of cached rules)." msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" "Cuantos segundos tiene que esperar SSSD antes de ejecutar una actualización " "inteligente de las reglas sudo (que descarga todas las reglas que tienen " "USBN más alto que el USN más alto de las reglas escondidas)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7873,13 +8700,23 @@ msgstr "" "Si los atributos USN no se soportan por el servidor, se usa en su lugar el " "atributo modifyTimestamp." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7888,12 +8725,12 @@ msgstr "" "máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7902,7 +8739,7 @@ msgstr "" "totalmente cualificados que sería usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7911,8 +8748,8 @@ msgstr "" "nombre de dominio totalmente cualificado automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7921,17 +8758,17 @@ msgstr "" "emphasis> esta opción no tiene efecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "Por defecto: no especificado" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7940,7 +8777,7 @@ msgstr "" "usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7949,12 +8786,12 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "sudo_include_netgroups (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7963,12 +8800,12 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7977,14 +8814,14 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7997,87 +8834,87 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "OPCIONES AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "El objeto clase de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "El nombre de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -8086,24 +8923,24 @@ msgstr "" "normalmente a un punto de montaje." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -8112,32 +8949,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "OPCIONES AVANZADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8146,22 +8983,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8170,14 +9007,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EJEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8188,7 +9025,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8201,27 +9038,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8237,13 +9074,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8467,17 +9304,15 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:211 -#, fuzzy -#| msgid "<option>use_authtok</option>" msgid "<option>try_cert_auth</option>" -msgstr "<option>use_authtok</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:215 msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -8490,10 +9325,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:231 -#, fuzzy -#| msgid "<option>quiet</option>" msgid "<option>require_cert_auth</option>" -msgstr "<option>quiet</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:235 @@ -8528,13 +9361,22 @@ msgstr "" "Todos los tipos de módulos (<option>account</option>, <option>auth</option>, " "<option>password</option> y <option>session</option>) son suministrados." +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "ARCHIVOS" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -8546,7 +9388,7 @@ msgstr "" "sobre como resetear un password." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -8566,7 +9408,7 @@ msgstr "" "lectura." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8619,34 +9461,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -8654,7 +9506,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -8667,7 +9519,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8678,7 +9530,7 @@ msgstr "" "usted tiene que editar /etc/krb5.conf para reflejar sus ajustes Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -8687,13 +9539,22 @@ msgstr "" "valor los mensajes de depuración se enviarán a stderr." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9852,7 +10713,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -9867,7 +10728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9885,12 +10746,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9911,12 +10772,12 @@ msgid "Default: 1200 (seconds)" msgstr "Por defecto: 1200 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9940,17 +10801,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9958,7 +10819,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -9985,7 +10846,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9998,12 +10859,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10022,62 +10883,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 -#, fuzzy -#| msgid "ldap_disable_paging (boolean)" +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" -msgstr "ldap_disable_paging (booleano)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10202,26 +11061,26 @@ msgstr "" "convertido hacia la base DN para usarlo para llevar a cabo operaciones LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -10240,7 +11099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "Predeterminado: 5 (segundos)" @@ -10563,37 +11422,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Estas opciones de configuración pueden estar presentes en la sección " -"configuración de dominio, esto es, en una sección llamada <quote>[domain/" -"<replaceable>NAME</replaceable>]</quote> <placeholder type=\"variablelist\" " -"id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:758 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"Por favor vea el parámetro <quote>dns_discovery_domain</quote> en la página " -"de manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> para más detalles." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:768 @@ -10620,10 +11462,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:782 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 @@ -10632,24 +11472,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:788 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:791 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:794 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:803 @@ -11161,10 +11995,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -#, fuzzy -#| msgid "ldap_id_mapping (boolean)" msgid "ad_gpo_implicit_deny (boolean)" -msgstr "ldap_id_mapping (booleano)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 @@ -11178,12 +12010,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +#, fuzzy +#| msgid "ldap_referrals (boolean)" +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "ldap_referrals (boolean)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -11191,12 +12040,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -11204,14 +12053,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -11219,7 +12068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11231,42 +12080,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11274,7 +12123,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11282,7 +12131,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11290,7 +12139,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11302,22 +12151,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11325,7 +12174,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11333,7 +12182,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11341,7 +12190,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11353,22 +12202,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11376,14 +12225,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11391,7 +12240,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11403,23 +12252,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -11427,14 +12276,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -11442,7 +12291,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -11453,19 +12302,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -11473,7 +12322,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11485,29 +12334,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11515,12 +12364,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11533,57 +12382,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11591,17 +12440,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11611,12 +12460,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11627,19 +12476,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11649,12 +12498,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Predeterminado: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11665,7 +12514,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11689,7 +12538,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11701,7 +12550,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11712,7 +12561,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11722,7 +12571,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12197,10 +13046,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "<option>-c</option>,<option>--config</option>" msgid "<option>-g</option>,<option>--genconf</option>" -msgstr "<option>-c</option>,<option>--config</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -12211,10 +13058,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "<option>-s</option>,<option>--stdin</option>" msgid "<option>-s</option>,<option>--genconf-section</option>" -msgstr "<option>-s</option>,<option>--stdin</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -13421,23 +14266,79 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 +#, fuzzy +#| msgid "krb5_ccachedir (string)" +msgid "krb5_kdcinfo_lookahead (string)" +msgstr "krb5_ccachedir (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:508 +#, fuzzy +#| msgid "" +#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring Kerberos." +msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" +"<quote>krb5</quote> para cambiar una contraseña Kerberos. Vea <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> para más información sobre configurar Kerberos." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +#, fuzzy +#| msgid "" +#| "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" +#| "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes " +#| "to evaluate if the password has expired." +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" +"<emphasis>shadow</emphasis> - Usa los atributos de estilo " +"<citerefentry><refentrytitle>shadow</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> para evaluar si la contraseña ha expirado." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Predeterminado: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:508 +#: sssd-krb5.5.xml:542 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -13445,12 +14346,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -13460,7 +14361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -13468,7 +14369,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -13488,7 +14389,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -13497,7 +14398,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -14802,22 +15703,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-k</option>,<option>--kick</option>" msgid "<option>-k</option>,<option>--pubkey</option>" -msgstr "<option>-k</option>,<option>--kick</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." msgstr "" -"Busca las claves públicas del host en el dominio SSSD <replaceable>DOMAIN</" -"replaceable>." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -14968,22 +15861,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:58 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" msgid "" "Please note that some distributions enable the files domain automatically, " "prepending the domain before any explicitly configured domains. See " "enable_files_domain in <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" -"El directorio esqueleto, el cual contiene archivos y directorios a copiarse " -"en el directorio principal del usuario, cuando se crea el directorio " -"principal de <citerefentry><refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:67 @@ -17736,21 +18619,13 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "NSS configuration options" msgid "NSS configuration" -msgstr "Opciones de configuración de NSS" +msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 -#, fuzzy -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " msgid "fallback_homedir = /home/%d/%u" msgstr "" -"fallback_homedir = /home/%u\n" -" " #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:87 @@ -17866,87 +18741,23 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "" #~ msgid "" -#~ "PLEASE NOTE: the support for non-unique named subpatterns is not " -#~ "available on all platforms (e.g. RHEL5 and SLES10). Only platforms with " -#~ "libpcre version 7 or higher can support non-unique named subpatterns." -#~ msgstr "" -#~ "POR FAVOR ADVIERTA: el soporte para subplantillas sin nombre único no " -#~ "está disponible en todas las plataformas (por ejemplo, RHEL5 y SLES10). " -#~ "Sólo las plataformas con la versión de libpcre 7 o superior pueden " -#~ "soportar las subplantillas sin nombre único." - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "POR FAVOR TENGA EN CUENTA ADEMAS: Versiones anteriores de libpcre sólo " -#~ "soportan la sintaxis Python (?P<name>) para identificar " -#~ "subpatrones." - -#~ msgid "ldap_groups_use_matching_rule_in_chain" -#~ msgstr "ldap_groups_use_matching_rule_in_chain" - -#~ msgid "" -#~ "This option tells SSSD to take advantage of an Active Directory-specific " -#~ "feature which may speed up group lookup operations on deployments with " -#~ "complex or deep nested groups." -#~ msgstr "" -#~ "Esta opción le dice a SSSD como tomar ventajar de una función específica " -#~ "de Active Directory que puede acelerar las operaciones de búsqueda de " -#~ "grupo son despliegues con grupos complejos o profundamente anidados." - -#~ msgid "" -#~ "In most common cases, it is best to leave this option disabled. It " -#~ "generally only provides a performance increase on very complex nestings." -#~ msgstr "" -#~ "En los casos más comunes, es mejor dejar esta opción deshabilitada. " -#~ "Generalmente sólo suministra un incremento de rendimiento en anidamientos " -#~ "muy complejos." - -#~ msgid "" -#~ "If this option is enabled, SSSD will use it if it detects that the server " -#~ "supports it during initial connection. So \"True\" here essentially means " -#~ "\"auto-detect\"." +#~ "For POSIX subdomains, setting the option in the main domain is inherited " +#~ "in the subdomain." #~ msgstr "" -#~ "Si esta opción está habilitada, SSSD la usará si detecta que el servidor " -#~ "la soporta durante la conexión inicial. De modo que “True” aquí significa " -#~ "esencialmente “auto-detect”." - -#~ msgid "" -#~ "Note: This feature is currently known to work only with Active Directory " -#~ "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/" -#~ "library/windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) " -#~ "documentation</ulink> for more details." -#~ msgstr "" -#~ "Nota: Esta función se sabe que actualmente trabajo sólo con Active " -#~ "Directory 2008 R1 y posteriores. Vea <ulink url=\"http://msdn.microsoft." -#~ "com/en-us/library/windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) " -#~ "documentation</ulink> para más detalles." - -#~ msgid "ldap_initgroups_use_matching_rule_in_chain" -#~ msgstr "ldap_initgroups_use_matching_rule_in_chain" +#~ "Para subdominios POSIX, ajustando la opción en el dominio principal se " +#~ "hereda en todos los subdominios." #~ msgid "" -#~ "This option tells SSSD to take advantage of an Active Directory-specific " -#~ "feature which might speed up initgroups operations (most notably when " -#~ "dealing with complex or deep nested groups)." +#~ "For ID-mapping subdomains, auto_private_groups is already enabled for the " +#~ "subdomains and setting it to false will not have any effect for the " +#~ "subdomain." #~ msgstr "" -#~ "Esta opción le dice a SSSD que tome ventaja de una función específica de " -#~ "Active Directory que puede acelerar las operaciones de inicio de grupo " -#~ "(más notable cuando se trata con grupos complejos o profundamente " -#~ "anidados)." +#~ "Para subdominios de mapeo ID, auto_private_groups ya está habilitado para " +#~ "los subdominios y ajustando a false no tendrá ningún efecto sobre el " +#~ "subdominio." #~ msgid "" -#~ "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum> </citerefentry> puts the Realm and the name or IP address of " -#~ "the KDC into the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC " -#~ "respectively. When <command>sssd_krb5_locator_plugin</command> is called " -#~ "by the kerberos libraries it reads and evaluates these variables and " -#~ "returns them to the libraries." +#~ "You can turn off dereference lookups completely by setting the value to 0." #~ msgstr "" -#~ "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum> </citerefentry> pone el Reino y el nombre o dirección IP del " -#~ "KDC en las variables de entorno SSSD_KRB5_REALM y SSSD_KRB5_KDC " -#~ "respectivamente. Cuando <command>sssd_krb5_locator_plugin</command> es " -#~ "llamado por las librerías kerberos lee y evalúa estas variables y se las " -#~ "devuelve a las librerías." +#~ "Usted puede quitar las búsquedas dereference completamente fijando el " +#~ "valor a 0." diff --git a/src/man/po/eu.po b/src/man/po/eu.po index b146016e41c..d648ac91c86 100644 --- a/src/man/po/eu.po +++ b/src/man/po/eu.po @@ -5,9 +5,9 @@ # Translators: msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2014-12-14 11:55+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -292,11 +292,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -315,16 +315,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -349,8 +349,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -365,7 +365,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "" @@ -445,7 +445,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "" @@ -465,12 +465,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -478,39 +478,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -634,10 +634,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -780,12 +780,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -869,7 +869,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -945,8 +945,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -1006,8 +1006,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1084,7 +1084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1102,7 +1102,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "" @@ -1135,11 +1135,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1148,41 +1148,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1190,23 +1190,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1214,47 +1214,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1262,112 +1262,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1378,96 +1378,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1475,59 +1475,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1536,61 +1536,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1598,7 +1598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1607,17 +1607,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1625,31 +1625,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1659,75 +1659,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1735,19 +1735,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1755,12 +1755,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1768,77 +1768,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1846,7 +1846,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1858,63 +1858,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1922,23 +1922,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1946,7 +1946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1954,7 +1954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1963,12 +1963,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1979,24 +1979,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2006,22 +2006,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2029,51 +2029,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2082,24 +2082,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2110,7 +2110,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2121,24 +2121,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2146,12 +2146,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2160,24 +2160,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2187,66 +2187,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2254,17 +2254,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2272,7 +2272,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2280,22 +2280,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2304,14 +2304,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2320,38 +2320,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2360,24 +2360,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2386,29 +2386,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2422,14 +2422,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2438,39 +2438,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2479,19 +2479,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2502,151 +2502,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2654,24 +2654,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2680,17 +2680,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2699,34 +2699,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2734,7 +2734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2742,8 +2742,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2752,8 +2752,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2761,19 +2761,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2782,7 +2782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2790,22 +2790,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2817,7 +2817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2825,19 +2825,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2845,7 +2845,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2853,35 +2853,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2889,19 +2889,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2910,7 +2910,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2918,29 +2918,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2948,7 +2948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2956,35 +2956,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2992,32 +2992,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3028,7 +3028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3037,12 +3037,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3050,7 +3050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3058,31 +3058,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3090,7 +3090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3099,17 +3099,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3117,43 +3117,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3161,7 +3161,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3169,7 +3169,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3177,24 +3177,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3202,12 +3202,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3217,7 +3217,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3226,29 +3226,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3256,7 +3256,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3266,59 +3266,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3327,77 +3327,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3405,7 +3405,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3414,17 +3414,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3432,34 +3432,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3467,32 +3467,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3502,47 +3502,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3550,43 +3558,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3594,29 +3674,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3624,12 +3704,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3638,12 +3718,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3651,19 +3731,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3680,7 +3760,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3688,17 +3768,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3707,7 +3787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3717,7 +3797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3737,12 +3817,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3750,73 +3830,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3824,17 +3904,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3843,17 +3923,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3861,17 +3941,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3879,17 +3959,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3900,64 +3980,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3970,7 +4055,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3978,7 +4063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -3987,55 +4072,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3503 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 +#: sssd.conf.5.xml:3527 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4044,17 +4129,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3542 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4062,26 +4147,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4090,17 +4175,124 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +msgid "password_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4130,7 +4322,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4139,7 +4331,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4147,7 +4339,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4158,7 +4350,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4172,7 +4364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4322,7 +4514,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4417,123 +4609,162 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +msgid "Default: exop" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4541,113 +4772,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4656,17 +4887,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4675,17 +4906,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4694,17 +4925,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4713,17 +4944,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4732,17 +4963,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4751,17 +4982,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4769,155 +5000,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4927,7 +5158,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4935,51 +5166,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4988,24 +5219,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5013,7 +5244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5022,43 +5253,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5066,14 +5297,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5081,17 +5312,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5099,14 +5330,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5114,17 +5345,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5132,14 +5363,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5147,37 +5378,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5187,106 +5418,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5294,34 +5525,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5329,7 +5560,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5339,7 +5570,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5349,177 +5580,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5527,95 +5758,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5623,7 +5854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5631,12 +5862,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5644,12 +5875,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5660,12 +5891,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5674,12 +5905,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5688,34 +5919,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5723,14 +5954,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5738,17 +5969,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5758,12 +5989,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5771,17 +6002,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5789,13 +6020,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5804,7 +6040,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5812,26 +6048,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5839,7 +6075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5847,7 +6083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5855,41 +6091,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5898,32 +6134,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5931,24 +6167,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5956,17 +6192,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5977,29 +6213,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6012,29 +6259,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6042,77 +6289,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6124,7 +6372,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6132,7 +6380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6140,39 +6388,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6182,7 +6430,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6190,26 +6438,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6217,7 +6465,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6225,31 +6473,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6258,56 +6506,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6323,12 +6571,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6337,14 +6585,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6353,24 +6601,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6378,19 +6626,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6399,7 +6647,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6407,7 +6655,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6416,7 +6664,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6424,22 +6672,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6449,14 +6697,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6469,12 +6717,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6484,7 +6732,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6494,63 +6742,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6559,74 +6807,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6637,7 +6885,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6645,24 +6893,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6677,12 +6925,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6690,317 +6938,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7009,111 +7267,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7122,32 +7380,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7156,22 +7414,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7180,14 +7438,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7195,7 +7453,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7208,27 +7466,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7244,13 +7502,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7463,7 +7721,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7510,13 +7768,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7524,7 +7791,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7536,7 +7803,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7586,34 +7853,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7621,7 +7898,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7634,7 +7911,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7642,20 +7919,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8752,7 +9038,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8767,7 +9053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8782,12 +9068,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8808,12 +9094,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8837,17 +9123,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8855,7 +9141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8882,7 +9168,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8895,12 +9181,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8919,60 +9205,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9086,26 +9372,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9124,7 +9410,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -10000,12 +10286,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10013,12 +10314,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10026,14 +10327,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10041,7 +10342,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10053,42 +10354,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10096,7 +10397,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10104,7 +10405,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10112,7 +10413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10124,22 +10425,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10147,7 +10448,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10155,7 +10456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10163,7 +10464,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10175,22 +10476,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10198,14 +10499,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10213,7 +10514,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10225,23 +10526,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10249,14 +10550,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10264,7 +10565,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10275,19 +10576,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10295,7 +10596,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10307,29 +10608,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10337,12 +10638,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10355,57 +10656,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10413,17 +10714,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10433,12 +10734,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10449,19 +10750,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10471,12 +10772,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10484,7 +10785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10499,7 +10800,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10508,7 +10809,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10516,7 +10817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10526,7 +10827,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12010,23 +12311,59 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +msgid "Default: 3:1" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12034,12 +12371,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12049,7 +12386,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12057,7 +12394,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12077,7 +12414,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12086,7 +12423,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" diff --git a/src/man/po/fi.po b/src/man/po/fi.po index 8588d20d6d5..ca39f44d8c7 100644 --- a/src/man/po/fi.po +++ b/src/man/po/fi.po @@ -1,9 +1,9 @@ # Toni Rantala <trantalafilo@gmail.com>, 2017. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2017-03-24 08:46+0000\n" "Last-Translator: Toni Rantala <trantalafilo@gmail.com>\n" "Language-Team: Finnish\n" @@ -287,11 +287,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Oletus:tosi" @@ -310,16 +310,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Oletus:epätosi" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -344,8 +344,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -360,7 +360,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "" @@ -440,7 +440,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "" @@ -460,12 +460,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -473,39 +473,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "käyttäjänimi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -629,10 +629,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -775,12 +775,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -864,7 +864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -940,8 +940,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -1001,8 +1001,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1079,7 +1079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1097,7 +1097,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "" @@ -1130,11 +1130,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1143,41 +1143,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1185,23 +1185,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1209,47 +1209,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1257,112 +1257,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1373,96 +1373,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1470,59 +1470,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1531,61 +1531,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1593,7 +1593,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1602,17 +1602,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1620,31 +1620,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1654,75 +1654,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1730,19 +1730,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1750,12 +1750,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1763,77 +1763,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1841,7 +1841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1853,65 +1853,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "enum_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1919,23 +1917,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1943,7 +1941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1951,7 +1949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1960,12 +1958,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1976,24 +1974,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2003,22 +2001,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2026,51 +2024,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2079,24 +2077,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2107,7 +2105,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2118,24 +2116,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2143,12 +2141,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2157,24 +2155,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2184,66 +2182,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2251,17 +2249,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2269,7 +2267,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2277,22 +2275,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2301,14 +2299,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2317,38 +2315,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2357,24 +2355,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2383,29 +2381,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2419,14 +2417,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2435,39 +2433,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2476,19 +2474,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2499,151 +2497,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2651,24 +2649,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2677,17 +2675,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2696,34 +2694,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2731,7 +2729,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2739,8 +2737,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2749,8 +2747,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2758,19 +2756,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2779,7 +2777,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2787,22 +2785,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2814,7 +2812,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2822,19 +2820,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2842,7 +2840,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2850,35 +2848,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2886,19 +2884,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2907,7 +2905,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2915,29 +2913,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2945,7 +2943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2953,35 +2951,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2989,32 +2987,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3025,7 +3023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3034,12 +3032,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3047,7 +3045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3055,31 +3053,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3087,7 +3085,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3096,17 +3094,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3114,43 +3112,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3158,7 +3156,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3166,7 +3164,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3174,24 +3172,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3199,12 +3197,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3214,7 +3212,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3223,29 +3221,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3253,7 +3251,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3263,59 +3261,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3324,77 +3322,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3402,7 +3400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3411,17 +3409,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3429,34 +3427,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3466,32 +3464,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Esimerkki: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3501,47 +3499,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3549,43 +3555,117 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3077 +#, fuzzy +#| msgid "<placeholder type=\"variablelist\" id=\"0\"/>" +msgid "" +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3593,29 +3673,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3623,12 +3703,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3637,12 +3717,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3650,19 +3730,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3679,7 +3759,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3687,17 +3767,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3706,7 +3786,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3716,7 +3796,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3736,12 +3816,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3749,73 +3829,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3823,17 +3903,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3842,17 +3922,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3860,17 +3940,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3878,17 +3958,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3899,64 +3979,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3969,7 +4054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3977,7 +4062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -3986,57 +4071,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3503 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "domains" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "toimialueet" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4045,19 +4128,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "offline_timeout (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "offline_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4065,26 +4146,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4093,17 +4174,126 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +msgid "password_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +#, fuzzy +#| msgid "<placeholder type=\"variablelist\" id=\"0\"/>" +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4133,7 +4323,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4142,7 +4332,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4150,7 +4340,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4161,7 +4351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4175,7 +4365,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4325,7 +4515,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4420,123 +4610,164 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: true" +msgid "Default: exop" +msgstr "Oletus:tosi" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4544,113 +4775,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4659,17 +4890,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4678,17 +4909,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4697,17 +4928,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4716,17 +4947,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4735,17 +4966,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4754,17 +4985,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4772,155 +5003,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4930,7 +5161,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4938,51 +5169,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4991,24 +5222,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5016,7 +5247,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5025,43 +5256,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5069,14 +5300,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5084,17 +5315,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5102,14 +5333,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5117,17 +5348,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5135,14 +5366,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5150,37 +5381,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5190,106 +5421,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5297,34 +5528,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5332,7 +5563,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5342,7 +5573,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5352,177 +5583,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5530,95 +5761,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5626,7 +5857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5634,12 +5865,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5647,12 +5878,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5663,12 +5894,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5677,12 +5908,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5691,34 +5922,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5726,14 +5957,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5741,17 +5972,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5761,12 +5992,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5774,17 +6005,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5792,13 +6023,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5807,7 +6043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5815,26 +6051,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5842,7 +6078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5850,7 +6086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5858,41 +6094,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5901,32 +6137,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5934,24 +6170,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5959,17 +6195,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5980,29 +6216,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6015,29 +6262,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6045,77 +6292,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6127,7 +6375,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6135,7 +6383,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6143,39 +6391,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6185,7 +6433,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6193,26 +6441,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6220,7 +6468,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6228,31 +6476,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6261,56 +6509,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6326,12 +6574,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6340,14 +6588,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6356,24 +6604,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6381,19 +6629,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6402,7 +6650,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6410,7 +6658,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6419,7 +6667,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6427,22 +6675,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6452,14 +6700,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6472,12 +6720,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6487,7 +6735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6497,63 +6745,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6562,74 +6810,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6640,7 +6888,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6648,24 +6896,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6680,12 +6928,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6693,317 +6941,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7012,111 +7270,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7125,32 +7383,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7159,22 +7417,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7183,14 +7441,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7198,7 +7456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7211,27 +7469,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7247,13 +7505,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7466,7 +7724,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7513,13 +7771,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7527,7 +7794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7539,7 +7806,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7589,34 +7856,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7624,7 +7901,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7637,7 +7914,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7645,20 +7922,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8755,7 +9041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8770,7 +9056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8785,12 +9071,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8811,12 +9097,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8840,17 +9126,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8858,7 +9144,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8885,7 +9171,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8898,12 +9184,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8922,60 +9208,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9089,26 +9375,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9127,7 +9413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -9493,10 +9779,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:791 -#, fuzzy -#| msgid "ldap_user_principal" msgid "ldap_user_search_base" -msgstr "ldap_user_principal" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:794 @@ -10005,12 +10289,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10018,12 +10317,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10031,14 +10330,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10046,7 +10345,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10058,42 +10357,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10101,7 +10400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10109,7 +10408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10117,7 +10416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10129,22 +10428,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10152,7 +10451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10160,7 +10459,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10168,7 +10467,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10180,22 +10479,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10203,14 +10502,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10218,7 +10517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10230,23 +10529,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10254,14 +10553,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10269,7 +10568,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10280,19 +10579,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10300,7 +10599,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10312,29 +10611,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10342,12 +10641,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10360,57 +10659,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10418,17 +10717,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10438,12 +10737,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10454,19 +10753,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10476,12 +10775,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10489,7 +10788,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10504,7 +10803,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10513,7 +10812,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10521,7 +10820,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10531,7 +10830,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12015,23 +12314,61 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: true" +msgid "Default: 3:1" +msgstr "Oletus:tosi" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12039,12 +12376,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12054,7 +12391,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12062,7 +12399,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12082,7 +12419,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12091,7 +12428,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" diff --git a/src/man/po/fr.po b/src/man/po/fr.po index 8a898085fe4..3f37f05be27 100644 --- a/src/man/po/fr.po +++ b/src/man/po/fr.po @@ -14,9 +14,9 @@ # Jérôme Fenal <jfenal@gmail.com>, 2016. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2016-03-19 03:04+0000\n" "Last-Translator: Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr>\n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" @@ -336,11 +336,11 @@ msgstr "" "la journalisation de débogage de SSSD, cette option sera ignorée." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Par défaut : true" @@ -362,16 +362,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Par défaut : false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -396,8 +396,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Par défaut : 10" @@ -412,7 +412,7 @@ msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "Paramètres de sections" @@ -501,7 +501,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (chaîne)" @@ -523,12 +523,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -540,33 +540,33 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "nom d'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" "nom de domaine tel qu'indiqué dans le fichier de configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -576,7 +576,7 @@ msgstr "" "d'approbation IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -734,10 +734,10 @@ msgstr "" "use_fully_qualified_names à False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -861,38 +861,21 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:509 -#, fuzzy -#| msgid "" -#| "<quote>ipa</quote> to load maps stored in an IPA server. See " -#| "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring IPA." msgid "" "(NSS Version) This option is ignored, please see <citerefentry> " "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> how to import a Certificate Revocation List (CRL) into a NSS " "database." msgstr "" -"<quote>ipa</quote> pour charger les cartes stockées sur un serveur IPA. Cf. " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> pour plus d'information sur la configuration de " -"IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:518 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "(OpenSSL Version) Use the Certificate Revocation List (CRL) from the given " "file during the verification of the certificate. The CRL must be given in " "PEM format, see <citerefentry> <refentrytitle>crl</refentrytitle> " "<manvolnum>1ssl</manvolnum> </citerefentry> for details." msgstr "" -"Se reporter au paramètre <quote>dns_discovery_domain</quote> dans la page de " -"manuel <citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 @@ -903,12 +886,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -992,7 +975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Par défaut : non défini" @@ -1083,8 +1066,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "Par défaut : 60" @@ -1144,8 +1127,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Par défaut : 300" @@ -1239,7 +1222,7 @@ msgstr "" "de non réponse à moins de 10 secondes (0 pour désactiver l'option)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "Par défaut : 50" @@ -1261,7 +1244,7 @@ msgstr "" "appel au moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "Par défaut : 15" @@ -1294,11 +1277,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1307,17 +1290,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "Par défaut : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1325,12 +1308,12 @@ msgstr "" "membres de groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "fallback_homedir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1339,7 +1322,7 @@ msgstr "" "explicitement spécifié par le fournisseur de données du domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1347,7 +1330,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1357,25 +1340,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Par défaut : non défini (aucune substitution pour les répertoires d'accueil " "non définis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "override_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1387,17 +1370,17 @@ msgstr "" "section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Par défaut : indéfini (SSSD utilisera la valeur récupérée de LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "allowed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1405,14 +1388,14 @@ msgstr "" "indiquées. L'ordre d'évaluation est :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</" "quote>, il est utilisé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1422,7 +1405,7 @@ msgstr "" "shell_fallback » sera utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1431,12 +1414,12 @@ msgstr "" "ni dans <quote>/etc/shells</quote>, une connexion sans shell est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1444,14 +1427,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Une chaîne vide pour l'interpréteur de commandes est passée telle quelle est " "à la libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1461,31 +1444,31 @@ msgstr "" "est installé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est " "utilisé automatiquement." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "vetoed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" "Remplace toutes les occurences de ces interpréteurs de commandes par " "l'interpréteur de commandes par défaut" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "shell_fallback (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1493,17 +1476,17 @@ msgstr "" "commandes autorisé n'est pas installé sur la machine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "Par défaut : /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1513,7 +1496,7 @@ msgstr "" "choix soit dans la section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1523,12 +1506,12 @@ msgstr "" "nécessaire, habituellement /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1537,38 +1520,38 @@ msgstr "" "jugée valide." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "memcache_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1579,48 +1562,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "Par défaut : non défini, repli sur l'option InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Cette option peut aussi être définie pour chaque domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "Options de configuration de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1629,12 +1612,12 @@ msgstr "" "Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1644,17 +1627,17 @@ msgstr "" "connexion réussie)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "Par défaut : 0 (pas de limite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1663,12 +1646,12 @@ msgstr "" "échouées sont autorisées." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1678,7 +1661,7 @@ msgstr "" "soit possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1689,17 +1672,17 @@ msgstr "" "connexion réussie en ligne peut réactiver l'authentification." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "Par défaut : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1709,44 +1692,44 @@ msgstr "" "affichés sera important." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "Actuellement sssd supporte les valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis> : ne pas afficher de message" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis> : afficher les messages d'information" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis> : afficher tous les messages et informations de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "Par défaut : 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1755,61 +1738,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1821,7 +1804,7 @@ msgstr "" "les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1835,17 +1818,17 @@ msgstr "" "fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant l'expiration du mot de passe." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1856,7 +1839,7 @@ msgstr "" "ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1866,7 +1849,7 @@ msgstr "" "sera automatiquement affiché." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1875,17 +1858,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "Par défaut : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1895,37 +1878,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "pam_public_domains (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" "Deux valeurs spéciales pour l'option pam_public_domains sont définies :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -1933,7 +1916,7 @@ msgstr "" "à tous les domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -1942,33 +1925,33 @@ msgstr "" "autorisés à accéder à un des domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1976,19 +1959,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1996,12 +1979,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2009,95 +1992,85 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Par défaut : False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 -#, fuzzy -#| msgid "ldap_page_size (integer)" +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" -msgstr "ldap_page_size (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 -#, fuzzy -#| msgid "Comma separated list of users who are allowed to log in." +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" -"Liste séparée par des virgules d'utilisateurs autorisés à se connecter." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 -#, fuzzy, no-wrap -#| msgid "" -#| "user_attributes = +telephoneNumber, -loginShell\n" -#| " " +#: sssd.conf.5.xml:1448 +#, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" " " msgstr "" -"user_attributes = +telephoneNumber, -loginShell\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2109,65 +2082,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "pam_id_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "pam_id_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2175,25 +2146,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "user (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -2201,7 +2170,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2209,7 +2178,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2218,12 +2187,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "Options de configuration de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2240,12 +2209,12 @@ msgstr "" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "sudo_timed (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2254,12 +2223,12 @@ msgstr "" "les entrées sudoers sensibles au temps." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2269,22 +2238,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "Options de configuration AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "Ces options peuvent être utilisées pour configurer le service autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2296,23 +2265,23 @@ msgstr "" "moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "Options de configuration SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le service SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2320,12 +2289,12 @@ msgstr "" "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2334,17 +2303,17 @@ msgstr "" "known_hosts géré après que ses clés de système ont été demandés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "Par défaut : 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2353,24 +2322,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2381,7 +2350,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2392,7 +2361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2401,19 +2370,19 @@ msgstr "" "ajouté à ces groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2424,14 +2393,14 @@ msgstr "" "seront résolus en UID au démarrage." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur " "PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2444,24 +2413,24 @@ msgstr "" "0 à la liste des UID d'utilisateurs autorisés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2471,66 +2440,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2538,17 +2507,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2556,7 +2525,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2564,22 +2533,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2588,14 +2557,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2604,31 +2573,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2637,7 +2606,7 @@ msgstr "" "dehors de ces limites, elle est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2650,7 +2619,7 @@ msgstr "" "qui sont dans la plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2659,17 +2628,17 @@ msgstr "" "pas seulement leur recherche par nom ou identifiant." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2678,29 +2647,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2714,7 +2683,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2724,7 +2693,7 @@ msgstr "" "l'énumération ne se termine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2738,7 +2707,7 @@ msgstr "" "fournisseur d'identité spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2747,32 +2716,32 @@ msgstr "" "déconseillée, surtout dans les environnements de grande taille." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "Tous les domaines approuvés découverts seront énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "Aucun domaine approuvé découvert ne sera énuméré" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2786,12 +2755,12 @@ msgstr "" "activer l'énumération pour ces seuls domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2800,7 +2769,7 @@ msgstr "" "comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2818,17 +2787,17 @@ msgstr "" "rafraîchissement des entrées qui sont déjà en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2837,19 +2806,19 @@ msgstr "" "d'utilisateurs comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "Par défaut : entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2858,12 +2827,12 @@ msgstr "" "groupes comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2872,12 +2841,12 @@ msgstr "" "netgroup comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2886,12 +2855,12 @@ msgstr "" "service valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2900,12 +2869,12 @@ msgstr "" "valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2914,12 +2883,12 @@ msgstr "" "cartes d'automontage comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -2928,12 +2897,12 @@ msgstr "" "rafraichissement. I.e. combien de temps mettre la clé en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -2943,48 +2912,48 @@ msgstr "" "enregistrements expirés ou sur le point de l'être." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Il est envisageable de configurer cette valeur à 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Par défaut : 0 (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Détermine si les données d'identification de l'utilisateur sont aussi mis en " "cache dans le cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Les informations d'identification utilisateur sont stockées dans une table " "de hachage SHA512, et non en texte brut" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2992,24 +2961,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "Par défaut : 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3022,17 +2991,17 @@ msgstr "" "paramètre doit être supérieur ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "Par défaut : 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3045,17 +3014,17 @@ msgstr "" "fournisseur oauth doit être configuré pour le moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3063,18 +3032,18 @@ msgstr "" "d'identification pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3082,7 +3051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3094,8 +3063,8 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3108,8 +3077,8 @@ msgstr "" "configuration de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3121,12 +3090,12 @@ msgstr "" "d'Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3136,7 +3105,7 @@ msgstr "" "communiqué à NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3150,7 +3119,7 @@ msgstr "" "trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3162,22 +3131,22 @@ msgstr "" "qualifié sera demandé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "Par défaut : false (true si default_domain_suffix est utilisée)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3189,7 +3158,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3197,12 +3166,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3211,7 +3180,7 @@ msgstr "" "pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3223,7 +3192,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3234,7 +3203,7 @@ msgstr "" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3242,18 +3211,18 @@ msgstr "" "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" "<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3262,12 +3231,12 @@ msgstr "" "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3278,7 +3247,7 @@ msgstr "" "installés). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3287,12 +3256,12 @@ msgstr "" "d'accès autorisé pour un domaine local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> toujours refuser les accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3305,7 +3274,7 @@ msgstr "" "d'informations sur la configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3313,22 +3282,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3337,7 +3306,7 @@ msgstr "" "domaine. Les fournisseurs pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3345,7 +3314,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3357,7 +3326,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3365,14 +3334,14 @@ msgstr "" "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> pour désactiver explicitement le changement de mot de " "passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3381,19 +3350,19 @@ msgstr "" "peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "sudo_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en " "charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3405,7 +3374,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3414,7 +3383,7 @@ msgstr "" "par défaut pour IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3423,20 +3392,20 @@ msgstr "" "par défaut pour AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> désactive explicitement SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle " "est définie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3447,7 +3416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3456,12 +3425,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3472,7 +3441,7 @@ msgstr "" "fournisseur d'accès. Les fournisseurs selinux pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3484,14 +3453,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> n'autorise pas la récupération explicite des paramètres " "selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3500,12 +3469,12 @@ msgstr "" "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "subdomains_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3515,7 +3484,7 @@ msgstr "" "fournisseurs de sous-domaine pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3527,7 +3496,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3536,18 +3505,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> désactive la récupération explicite des sous-domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3555,37 +3524,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "autofs_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3593,7 +3562,7 @@ msgstr "" "en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3605,7 +3574,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3617,7 +3586,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3625,17 +3594,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> désactive explicitement autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "hostid_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3644,7 +3613,7 @@ msgstr "" "systèmes. Les fournisseurs de hostid pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3656,12 +3625,12 @@ msgstr "" "configuration de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> désactive explicitement hostid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3677,7 +3646,7 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3690,22 +3659,22 @@ msgstr "" "styles différents pour les noms d'utilisateurs :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3715,7 +3684,7 @@ msgstr "" "utilisateurs de domaines Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3726,7 +3695,7 @@ msgstr "" "importe le domaine après »" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3736,17 +3705,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3755,48 +3724,48 @@ msgstr "" "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "Valeurs prises en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, " "essayer IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter " "IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3805,25 +3774,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Par défaut : 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3832,54 +3801,54 @@ msgstr "" "du domaine faisant partie de la requête DNS de découverte de services." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Par défaut : utiliser la partie du domaine qui est dans le nom de système de " "la machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "case_sensitive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "Insensible à la casse." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3891,7 +3860,7 @@ msgstr "" "sortie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3900,17 +3869,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "Par défaut : true (false pour le fournisseur AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3918,34 +3887,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3955,32 +3924,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "nom plat (NetBIOS) d'un sous-domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3996,7 +3965,7 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -4004,17 +3973,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Par défaut : <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "realmd_tags (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -4022,25 +3991,33 @@ msgstr "" "ce domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4048,43 +4025,123 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +#, fuzzy +#| msgid "False" +msgid "false" +msgstr "False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"Options valides pour les domaines proxy. <placeholder type=\"variablelist\" " +"id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4096,17 +4153,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible duquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4115,12 +4172,12 @@ msgstr "" "ou en créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4131,12 +4188,12 @@ msgstr "" "$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4150,12 +4207,12 @@ msgstr "" "afin d'améliorer les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4163,7 +4220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4172,12 +4229,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4194,7 +4251,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4202,17 +4259,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4221,7 +4278,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4231,7 +4288,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -4251,12 +4308,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "La section du domaine local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4267,29 +4324,29 @@ msgstr "" "dire un domaine qui utilise <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "default_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'interpréteur de commandes par défaut pour les utilisateurs créés avec les " "outils en espace utilisateur SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "Par défaut : <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "base_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4298,17 +4355,17 @@ msgstr "" "replaceable> et l'utilisent comme dossier personnel." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "Par défaut : <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "create_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4317,17 +4374,17 @@ msgstr "" "utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "remove_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4336,12 +4393,12 @@ msgstr "" "suppression des utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "homedir_umask (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4352,17 +4409,17 @@ msgstr "" "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "Par défaut : 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "skel_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4375,17 +4432,17 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "Par défaut : <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "mail_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4396,17 +4453,17 @@ msgstr "" "précisé, la valeur par défaut est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "Par défaut : <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "userdel_cmd (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4417,17 +4474,17 @@ msgstr "" "code en retour de la commande n'est pas pris en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4438,64 +4495,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech," +msgstr "ldap_sasl_mech (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4508,25 +4572,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 -#, fuzzy -#| msgid "" -#| "This manual page only describes attribute name mapping. For detailed " -#| "explanation of sudo related attribute semantics, see <citerefentry> " -#| "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -#| "citerefentry>" +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for details)." msgstr "" -"Cette page de manuel décrit uniquement le mappage de noms d'attribut. Pour " -"une explication détaillée des sémantiques d'attributs relatives à sudo, cf. " -"<citerefentry><refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4535,61 +4589,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" -msgstr "user (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "user (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "ad_domain (string)" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "ad_domain (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4598,19 +4646,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "pam_verbosity (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "pam_verbosity (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4618,28 +4664,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: homeDirectory" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "Par défaut : homeDirectory" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4648,17 +4692,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "OPTIONS DE CONFIGURATION" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" +"Options valides pour les domaines proxy. <placeholder type=\"variablelist\" " +"id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" +"Options valides pour les domaines proxy. <placeholder type=\"variablelist\" " +"id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4712,7 +4879,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4721,7 +4888,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4729,7 +4896,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4740,7 +4907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4754,7 +4921,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4939,7 +5106,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemples :" @@ -5059,53 +5226,98 @@ msgstr "Par défaut : rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "Quatre types de schéma sont actuellement pris en charge :" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Par défaut : gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "Le DN de connexion par défaut à utiliser pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" "Le type de jeton d'authentification pour le DN de connexion par défaut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Les deux mécanismes actuellement pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Par défaut : password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -5114,74 +5326,74 @@ msgstr "" "mots de passe en clair sont actuellement pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "La classe d'objet d'une entrée utilisateur dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Par défaut : posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" "L'attribut LDAP correspondant à l'identifiant de connexion de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "L'attribut LDAP correspondant à l'id de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "par défaut : uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" "L'attribut LDAP correspondant à l'id du groupe primaire de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Par défaut : gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -5189,70 +5401,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "L'attribut LDAP correspondant au champ gecos de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Par défaut : gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" "L'attribut LDAP qui contient le nom du répertoire personnel de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Par défaut : homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "L'attribut LDAP qui contient le chemin vers l'interpréteur de commandes de " "l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Par défaut : loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "ldap_user_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -5261,12 +5473,12 @@ msgstr "" "ipaUniqueID pour IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -5275,17 +5487,17 @@ msgstr "" "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -5294,17 +5506,17 @@ msgstr "" "l'objet parent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "Par défaut : modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5317,17 +5529,17 @@ msgstr "" "citerefentry> (date de changement du dernier mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Par défaut : shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5340,17 +5552,17 @@ msgstr "" "citerefentry> (durée de validité minimum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Par défaut : shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5363,17 +5575,17 @@ msgstr "" "citerefentry> (âge maximum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Par défaut : shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5386,17 +5598,17 @@ msgstr "" "citerefentry> (période d'avertissement du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Par défaut : shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5409,17 +5621,17 @@ msgstr "" "citerefentry> (période d'inactivité du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Par défaut : shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5433,17 +5645,17 @@ msgstr "" "citerefentry> (date d'expiration du compte)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Par défaut : shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5454,17 +5666,17 @@ msgstr "" "de mot de passe dans kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Par défaut : krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5474,17 +5686,17 @@ msgstr "" "passe actuel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Par défaut : krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -5493,17 +5705,17 @@ msgstr "" "contient le nom d'un attribut LDAP stockant la date d'expiration du compte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Par défaut : accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5513,17 +5725,17 @@ msgstr "" "compte utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Par défaut : userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5532,17 +5744,17 @@ msgstr "" "paramètre détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "Par défaut : nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -5551,17 +5763,17 @@ msgstr "" "détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Par défaut : loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -5570,12 +5782,12 @@ msgstr "" "détermine jusqu'à quand l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -5585,17 +5797,17 @@ msgstr "" "est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Par défaut : loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -5604,17 +5816,17 @@ msgstr "" "de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Par défaut : krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -5623,7 +5835,7 @@ msgstr "" "plus des attributs utilisateur habituels." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5639,7 +5851,7 @@ msgstr "" "SSSD utilisant des schémas LDAP différents." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5650,12 +5862,12 @@ msgstr "" "d'attributs réservés est utilisé par un nom d'attribut supplémentaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." @@ -5664,12 +5876,12 @@ msgstr "" "<quote>telephoneNumber</quote> dans le cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." @@ -5678,27 +5890,27 @@ msgstr "" "<quote>phone</quote> dans le cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "Par défaut : sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5711,12 +5923,12 @@ msgstr "" "utiliser un nom de domaine en majuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5725,12 +5937,12 @@ msgstr "" "d'actualiser son cache d\"énumération d'enregistrements." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5741,7 +5953,7 @@ msgstr "" "jamais connectés) et de suppression pour économiser de l'espace." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5750,44 +5962,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "Par défaut : cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" "L'attribut LDAP énumérant les groupes auquel appartient un utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "Par défaut : memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5798,7 +6010,7 @@ msgstr "" "l'utilisateur pour déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5807,7 +6019,7 @@ msgstr "" "autorisation explicite (svc) et enfin allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5818,17 +6030,17 @@ msgstr "" "l'option ldap_user_authorized_service de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Par défaut : authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5839,7 +6051,7 @@ msgstr "" "déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -5848,7 +6060,7 @@ msgstr "" "autorisations explicites (host) et enfin toutes les autorisations (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5859,17 +6071,17 @@ msgstr "" "ldap_user_authorized_host de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Par défaut : host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5877,14 +6089,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5892,37 +6104,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "ldap_user_certificate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5932,82 +6144,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objet d'une entrée de groupe dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Par défaut : posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'attribut LDAP correspondant au nom du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'attribut LDAP correspondant à l'identifiant de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'attribut LDAP contenant les noms des membres du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Par défaut : memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -6016,17 +6228,17 @@ msgstr "" "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -6035,7 +6247,7 @@ msgstr "" "voire d'autres indicateurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -6046,34 +6258,34 @@ msgstr "" "hors des domaines approuvés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6085,7 +6297,7 @@ msgstr "" "schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6095,7 +6307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6105,12 +6317,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6120,76 +6332,76 @@ msgstr "" "2008 et versions ultérieures." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objet d'une entrée de netgroup dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la " "place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "Par défaut : nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'attribut LDAP correspondant au nom du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_name doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'attribut LDAP contenant les noms des membres du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_member doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "Par défaut : memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -6197,96 +6409,96 @@ msgstr "" "netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "Cette option n'est pas disponible dans le fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "Par défaut : nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "Par défaut : ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger " "des objets." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6296,47 +6508,47 @@ msgstr "" "configuration des bases de recherche multiples." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "La classe d'objet d'une entrée de service LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "ldap_service_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -6345,48 +6557,48 @@ msgstr "" "alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "ldap_service_port (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "L'attribut LDAP qui contient le port géré par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "Par défaut : ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "L'attribut LDAP qui contient les protocoles compris par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "Par défaut : ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6397,7 +6609,7 @@ msgstr "" "activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6408,12 +6620,12 @@ msgstr "" "différents types de recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6424,12 +6636,12 @@ msgstr "" "résultats mis en cache (et activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6446,12 +6658,12 @@ msgstr "" "citerefentry> rendent la main en cas d'inactivité." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6460,12 +6672,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6478,17 +6690,17 @@ msgstr "" "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6497,17 +6709,17 @@ msgstr "" "Certains serveurs LDAP imposent une limite maximale par requête." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6519,7 +6731,7 @@ msgstr "" "correctement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6529,7 +6741,7 @@ msgstr "" "sera impossible de l'utiliser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6540,17 +6752,17 @@ msgstr "" "cela peut entraîner l'échec de certaines demandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "Désactiver la récupération de plage Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6566,12 +6778,12 @@ msgstr "" "apparaissant ainsi sans aucun membre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6582,19 +6794,19 @@ msgstr "" "de cette option sont définies par OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Par défaut : Utiliser la valeur par défaut du système (généralement spécifié " "par ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6605,15 +6817,18 @@ msgstr "" "membres manquants est inférieur, ils sont recherchés individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" -"Vous pouvez désactiver complètement les recherches de déréférencement en " -"affectant la valeur 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6626,7 +6841,7 @@ msgstr "" "acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6637,12 +6852,12 @@ msgstr "" "déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6651,7 +6866,7 @@ msgstr "" "session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6660,7 +6875,7 @@ msgstr "" "quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6671,7 +6886,7 @@ msgstr "" "certificat est fourni, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6682,7 +6897,7 @@ msgstr "" "certificat est fourni, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6693,22 +6908,22 @@ msgstr "" "immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6717,7 +6932,7 @@ msgstr "" "certification que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6726,12 +6941,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6745,32 +6960,32 @@ msgstr "" "corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Définit le fichier qui contient le certificat pour la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "Définit le fichier qui contient la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6778,12 +6993,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6793,12 +7008,12 @@ msgstr "" "canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6810,19 +7025,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Cette fonctionnalité ne prend actuellement en charge que la correspondance " "par objectSID avec Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6842,31 +7057,46 @@ msgstr "" "identifiants." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "Par défaut : non indiqué (les deux options sont à 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +#, fuzzy +#| msgid "" +#| "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +#| "supported." msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." msgstr "" "Définit le mécanisme SASL à utiliser. Actuellement, seul GSSAPI est testé et " "pris en charge." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6879,41 +7109,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 -#, fuzzy -#| msgid "" -#| "Specify the SASL authorization id to use. When GSSAPI is used, this " -#| "represents the Kerberos principal used for authentication to the " -#| "directory. This option can either contain the full principal (for " -#| "example host/myhost@EXAMPLE.COM) or just the principal name (for example " -#| "host/myhost)." -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." -msgstr "" -"Définit l'identité à utiliser pour l'autorisation SASL. Lorsque GSSAPI est " -"utilisé, c'est l'identifiant Kerberos principal utilisé pour s'authentifier " -"à l'annuaire. Cette option peut soit contenir le principal complet (par " -"exemple host/myhost@EXAMPLE.COM), soit juste le nom du principal (par " -"exemple host/myhost)." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1772 +msgid "" +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6924,17 +7142,17 @@ msgstr "" "domaine, cette option est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "Par défaut : la valeur de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6943,65 +7161,75 @@ msgstr "" "le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +#, fuzzy +#| msgid "Specify the keytab to use when using SASL/GSSAPI." +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 +#, fuzzy +#| msgid "" +#| "Specifies that the id_provider should init Kerberos credentials (TGT). " +#| "This action is performed only if SASL is used and the mechanism selected " +#| "is GSSAPI." msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" "Définit le fait que le fournisseur d'identité doit initialiser les données " "d'identification Kerberos (TGT). Cette action est effectuée seulement si " "SASL est utilisé et que le mécanisme choisi est GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +#, fuzzy +#| msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -7021,7 +7249,7 @@ msgstr "" "<quote>DÉCOUVERTE DE SERVICES</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -7032,7 +7260,7 @@ msgstr "" "comme protocole, et passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7044,29 +7272,31 @@ msgstr "" "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +#, fuzzy +#| msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -7076,12 +7306,12 @@ msgstr "" "Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7096,7 +7326,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7108,12 +7338,12 @@ msgstr "" "localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7122,7 +7352,7 @@ msgstr "" "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7131,7 +7361,7 @@ msgstr "" "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -7142,7 +7372,7 @@ msgstr "" "manvolnum></citerefentry> pour évaluer si le mot de passe a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7154,7 +7384,7 @@ msgstr "" "est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -7163,17 +7393,17 @@ msgstr "" "côté serveur, elle prend le pas sur la politique indiquée avec cette option." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le déréférencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7182,7 +7412,7 @@ msgstr "" "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7196,29 +7426,29 @@ msgstr "" "permettre d'améliorer de façon notable les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7227,19 +7457,19 @@ msgstr "" "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7249,12 +7479,12 @@ msgstr "" "de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7270,12 +7500,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "Exemple :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7287,7 +7517,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7296,7 +7526,7 @@ msgstr "" "dont l'attribut employeeType est « admin »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7305,17 +7535,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7324,7 +7554,7 @@ msgstr "" "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7336,12 +7566,12 @@ msgstr "" "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7350,7 +7580,7 @@ msgstr "" "pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7363,7 +7593,7 @@ msgstr "" "d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7374,7 +7604,7 @@ msgstr "" "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7387,7 +7617,7 @@ msgstr "" "est autorisé. Si les deux attributs sont manquants, l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7398,24 +7628,24 @@ msgstr "" "ldap_account_expire_policy de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste séparées par des virgules des options de contrôles d'accès. Les " "valeurs autorisées sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7425,14 +7655,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7445,12 +7675,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7460,7 +7690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7470,20 +7700,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7492,32 +7722,32 @@ msgstr "" "authorizedService pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7526,12 +7756,12 @@ msgstr "" "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7540,22 +7770,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple : cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7564,12 +7794,12 @@ msgstr "" "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7579,7 +7809,7 @@ msgstr "" "recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7588,7 +7818,7 @@ msgstr "" "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7597,7 +7827,7 @@ msgstr "" "recherche et et la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7606,12 +7836,12 @@ msgstr "" "bibliothèques clientes LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7620,7 +7850,7 @@ msgstr "" "LDAP pour les serveurs qui utilisent le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7638,7 +7868,7 @@ msgstr "" "initgoups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7649,24 +7879,24 @@ msgstr "" "ajoutent les utilisateurs locaux aux groupes LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7686,12 +7916,12 @@ msgstr "" "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "OPTIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7699,52 +7929,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "Par défaut : sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "L'attribut LDAP qui correspond au nom de la commande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "Par défaut : sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7753,17 +7983,17 @@ msgstr "" "réseau IP de l'hôte ou netgroup de l'hôte)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "Par défaut : sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7772,32 +8002,32 @@ msgstr "" "groupe ou netgroup de l'utilisateur)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "Par défaut : sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "L'attribut LDAP qui correspond aux options sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "Par défaut : sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7806,17 +8036,17 @@ msgstr "" "nom d'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "Par défaut : sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7825,17 +8055,17 @@ msgstr "" "les commandes seront être exécutées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "Par défaut : sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7844,17 +8074,17 @@ msgstr "" "règle sudo est valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "Par défaut : sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7863,32 +8093,32 @@ msgstr "" "règle sudo ne sera plus valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "Par défaut : sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "Par défaut : sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7898,7 +8128,7 @@ msgstr "" "règles qui sont stockées sur le serveur)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7907,21 +8137,26 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 +#, fuzzy +#| msgid "" +#| "How many seconds SSSD has to wait before executing a smart refresh of " +#| "sudo rules (which downloads all rules that have USN higher than the " +#| "highest USN of cached rules)." msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" "La durée en secondes pendant laquelle SSSD doit attendre avant d'exécuter " "une actualisation intelligente des règles sudo (qui télécharge toutes les " @@ -7929,7 +8164,7 @@ msgstr "" "cache)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7937,13 +8172,23 @@ msgstr "" "Si les attributs USN ne sont pas pris en charge par le serveur, l'attribut " "modifyTimestamp est utilisé à la place." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7953,12 +8198,12 @@ msgstr "" "noms de systèmes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7967,7 +8212,7 @@ msgstr "" "doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7976,8 +8221,8 @@ msgstr "" "nom de système et le nom de domaine pleinement qualifié." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7986,17 +8231,17 @@ msgstr "" "emphasis>, alors cette option n'a aucun effet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -8005,7 +8250,7 @@ msgstr "" "IPv6 qui doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -8014,12 +8259,12 @@ msgstr "" "automatiquement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -8028,12 +8273,12 @@ msgstr "" "netgroup dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -8042,14 +8287,14 @@ msgstr "" "un joker dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -8062,88 +8307,88 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "OPTIONS AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "Le nom de la table de montage automatique maîtresse dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "Par défaut : auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" "La classe d'objet d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "Le nom d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -8152,24 +8397,24 @@ msgstr "" "généralement à un point de montage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -8182,32 +8427,32 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8216,22 +8461,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8240,14 +8485,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8258,7 +8503,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8278,27 +8523,27 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8324,13 +8569,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8556,17 +8801,15 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:211 -#, fuzzy -#| msgid "<option>use_authtok</option>" msgid "<option>try_cert_auth</option>" -msgstr "<option>use_authtok</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:215 msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -8579,10 +8822,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:231 -#, fuzzy -#| msgid "<option>quiet</option>" msgid "<option>require_cert_auth</option>" -msgstr "<option>quiet</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:235 @@ -8617,13 +8858,22 @@ msgstr "" "Tous les types de module (<option>account</option>, <option>auth</option>, " "<option>password</option> et <option>session</option>) sont fournis." +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "FICHIERS" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -8635,7 +8885,7 @@ msgstr "" "exemple, contenir les instructions permettant la réinitialisation." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -8655,7 +8905,7 @@ msgstr "" "utilisateurs doivent avoir les autorisations en lecture seule." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8708,34 +8958,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -8743,7 +9003,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -8756,7 +9016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8768,7 +9028,7 @@ msgstr "" "configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -8778,13 +9038,22 @@ msgstr "" "d'erreur." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9943,7 +10212,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booléen)" @@ -9958,7 +10227,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9980,12 +10249,12 @@ msgstr "" "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -10012,12 +10281,12 @@ msgid "Default: 1200 (seconds)" msgstr "Par défaut : 1200 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10045,17 +10314,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -10063,7 +10332,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -10098,7 +10367,7 @@ msgstr "" "seront utilisés comme serveurs de repli" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entier)" @@ -10115,12 +10384,12 @@ msgstr "" "configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10145,12 +10414,12 @@ msgid "Default: False (disabled)" msgstr "Par défaut : False (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -10159,50 +10428,48 @@ msgstr "" "communication avec le serveur DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Par défaut : False (laisser nsupdate choisir le protocole)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 -#, fuzzy -#| msgid "dyndns_update (boolean)" +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" -msgstr "dyndns_update (booléen)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10328,26 +10595,26 @@ msgstr "" "convertit en DN de base pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -10366,7 +10633,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "Par défaut : 5 (secondes)" @@ -10697,37 +10964,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Ces options de configuration peuvent être présentes dans la section de " -"configuration du domaine, c'est-à-dire dans la section nommée <quote>[domain/" -"<replaceable>NAME</replaceable>]</quote> <placeholder type=\"variablelist\" " -"id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:758 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"Se reporter au paramètre <quote>dns_discovery_domain</quote> dans la page de " -"manuel <citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:768 @@ -10754,38 +11004,28 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:782 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 -#, fuzzy -#| msgid "ad_site (string)" msgid "ad_site" -msgstr "ad_site (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:788 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:791 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (chaînes)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:794 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (chaînes)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:803 @@ -11307,10 +11547,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -#, fuzzy -#| msgid "ad_gpo_map_deny (string)" msgid "ad_gpo_implicit_deny (boolean)" -msgstr "ad_gpo_map_deny (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 @@ -11324,12 +11562,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +#, fuzzy +#| msgid "ad_enable_gc (boolean)" +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "ad_enable_gc (booléen)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -11337,12 +11592,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -11350,14 +11605,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -11365,7 +11620,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11377,42 +11632,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11420,7 +11675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11428,7 +11683,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11436,7 +11691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11448,22 +11703,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11471,7 +11726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11479,7 +11734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11487,7 +11742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11499,22 +11754,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11522,14 +11777,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11537,7 +11792,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11549,23 +11804,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -11573,14 +11828,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -11588,7 +11843,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -11599,19 +11854,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -11619,7 +11874,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11631,29 +11886,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11661,12 +11916,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11679,57 +11934,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11737,17 +11992,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11757,12 +12012,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11780,19 +12035,19 @@ msgstr "" "<quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "Par défaut : 3600 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11802,12 +12057,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Par défaut : True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11818,7 +12073,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11842,7 +12097,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11854,7 +12109,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11865,7 +12120,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11875,7 +12130,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12356,10 +12611,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "<option>-c</option>,<option>--config</option>" msgid "<option>-g</option>,<option>--genconf</option>" -msgstr "<option>-c</option>,<option>--config</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -12370,10 +12623,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "<option>-s</option>,<option>--stdin</option>" msgid "<option>-s</option>,<option>--genconf-section</option>" -msgstr "<option>-s</option>,<option>--stdin</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -13627,11 +13878,69 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 +#, fuzzy +#| msgid "krb5_confd_path (string)" +msgid "krb5_kdcinfo_lookahead (string)" +msgstr "krb5_confd_path (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:508 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" +"Consulter la page de manuel de <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> pour plus d'informations sur le greffon de " +"localisation." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" +"Consulter la page de manuel de <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> pour plus d'informations sur le greffon de " +"localisation." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Par défaut : 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:508 +#: sssd-krb5.5.xml:542 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -13641,12 +13950,12 @@ msgstr "" "principals d'entreprise." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "Par défaut : false (AD provider : true)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -13654,12 +13963,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "krb5_map_user (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -13669,7 +13978,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -13679,7 +13988,7 @@ msgstr "" "krb5_map_user = joe:juser,dick:richard\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -13705,7 +14014,7 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -13718,7 +14027,7 @@ msgstr "" "et n'inclut aucun fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -15060,22 +15369,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-k</option>,<option>--kick</option>" msgid "<option>-k</option>,<option>--pubkey</option>" -msgstr "<option>-k</option>,<option>--kick</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." msgstr "" -"Rechercher les clés publiques dans le domaine SSSD <replaceable>DOMAINE</" -"replaceable> hôte." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -15226,22 +15527,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:58 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" msgid "" "Please note that some distributions enable the files domain automatically, " "prepending the domain before any explicitly configured domains. See " "enable_files_domain in <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" -"Le répertoire squelette contenant les fichiers et répertoires à copier dans " -"le répertoire personnel de l'utilisateur une fois ce répertoire créé par " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:67 @@ -18028,21 +18319,13 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "NSS configuration options" msgid "NSS configuration" -msgstr "Options de configuration NSS" +msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 -#, fuzzy -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " msgid "fallback_homedir = /home/%d/%u" msgstr "" -"fallback_homedir = /home/%u\n" -" " #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:87 @@ -18158,113 +18441,7 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "" #~ msgid "" -#~ "PLEASE NOTE: the support for non-unique named subpatterns is not " -#~ "available on all platforms (e.g. RHEL5 and SLES10). Only platforms with " -#~ "libpcre version 7 or higher can support non-unique named subpatterns." -#~ msgstr "" -#~ "REMARQUE : la prise en charge de sous-motifs nommés multiples n'est pas " -#~ "disponible sur certaines plates-formes (par exemple, RHEL5 et SLES10). " -#~ "Seules les plates-formes avec libpcre version 7 ou supérieure peuvent " -#~ "prendre en charge les sous-motifs nommés multiples." - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "REMARQUE ADDITIONNELLE : les anciennes versions de libpcre ne supportent " -#~ "que la syntaxe Python (?P<name>) pour nommer les sous-motifs." - -#~ msgid "ldap_groups_use_matching_rule_in_chain" -#~ msgstr "ldap_groups_use_matching_rule_in_chain" - -#~ msgid "" -#~ "This option tells SSSD to take advantage of an Active Directory-specific " -#~ "feature which may speed up group lookup operations on deployments with " -#~ "complex or deep nested groups." -#~ msgstr "" -#~ "Cette option indique à SSSD de tirer parti d'une fonctionnalité Active " -#~ "Directory spécifique qui peut accélérer les opérations de recherche de " -#~ "groupe sur les déploiements utilisant des groupes profondément imbriqués " -#~ "et complexes." - -#~ msgid "" -#~ "In most common cases, it is best to leave this option disabled. It " -#~ "generally only provides a performance increase on very complex nestings." -#~ msgstr "" -#~ "Dans la plupart des cas, il est préférable de laisser cette option " -#~ "désactivée. Elle ne fournit une augmentation des performances que sur les " -#~ "imbrications très complexes." - -#~ msgid "" -#~ "If this option is enabled, SSSD will use it if it detects that the server " -#~ "supports it during initial connection. So \"True\" here essentially means " -#~ "\"auto-detect\"." -#~ msgstr "" -#~ "Si cette option est activée, SSSD l'utilisera s'il détecte que le serveur " -#~ "la prend en charge au cours de la connexion initiale. Ainsi, « true » " -#~ "signifie essentiellement « auto-detect »." - -#~ msgid "" -#~ "Note: This feature is currently known to work only with Active Directory " -#~ "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/" -#~ "library/windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) " -#~ "documentation</ulink> for more details." -#~ msgstr "" -#~ "Remarque : Cette fonctionnalité fonctionne uniquement avec Active " -#~ "Directory 2008 R1 et versions suivantes. Consulter <ulink url=\"http://" -#~ "msdn.microsoft.com/en-us/library/windows/desktop/aa746475%28v=vs.85%29." -#~ "aspx\">la documentation de MSDN(TM)</ulink> pour plus de détails." - -#~ msgid "ldap_initgroups_use_matching_rule_in_chain" -#~ msgstr "ldap_initgroups_use_matching_rule_in_chain" - -#~ msgid "" -#~ "This option tells SSSD to take advantage of an Active Directory-specific " -#~ "feature which might speed up initgroups operations (most notably when " -#~ "dealing with complex or deep nested groups)." -#~ msgstr "" -#~ "Cette option indique à SSSD de tirer parti d'une fonctionnalité Active " -#~ "Directory spécifique qui peut accélérer les opérations initgroups (le " -#~ "plus souvent lors de l'utilisation de groupes profondément imbriqués ou " -#~ "complexes)." - -#~ msgid "" -#~ "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> " -#~ "is used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -#~ "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the " -#~ "Kerberos libraries what Realm and which KDC to use. Typically this is " -#~ "done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry> which is always read by the " -#~ "Kerberos libraries. To simplify the configuration the Realm and the KDC " -#~ "can be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> " -#~ "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -#~ "citerefentry>" -#~ msgstr "" -#~ "Le greffon de localisation Kerberos <command>sssd_krb5_locator_plugin</" -#~ "command> est utilisé par le fournisseur Kerberos de " -#~ "<citerefentry><refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum></citerefentry> pour indiquer aux bibliothèques Kerberos quel " -#~ "domaine et quel KDC à utiliser. En général, cela se fait en " -#~ "<citerefentry><refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -#~ "manvolnum></citerefentry> qui est toujours lu par les bibliothèques de " -#~ "Kerberos. Pour simplifier la configuration, le Domaine et le KDC peuvent " -#~ "être définis dans <citerefentry><refentrytitle>sssd.conf</refentrytitle> " -#~ "<manvolnum>5</manvolnum></citerefentry> comme indiqué dans " -#~ "<citerefentry><refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</" -#~ "manvolnum></citerefentry>" - -#~ msgid "" -#~ "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum> </citerefentry> puts the Realm and the name or IP address of " -#~ "the KDC into the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC " -#~ "respectively. When <command>sssd_krb5_locator_plugin</command> is called " -#~ "by the kerberos libraries it reads and evaluates these variables and " -#~ "returns them to the libraries." +#~ "You can turn off dereference lookups completely by setting the value to 0." #~ msgstr "" -#~ "<citerefentry><refentrytitle>SSSD</refentrytitle> <manvolnum>8</" -#~ "manvolnum></citerefentry> met le nom de domaine et le nom ou adresse IP " -#~ "du KDC dans les variables d'environnement SSSD_KRB5_REALM et " -#~ "SSSD_KRB5_KDC respectivement. Lorsque <command>sssd_krb5_locator_plugin</" -#~ "command> est appelé par les bibliothèques de kerberos, il lit et évalue " -#~ "ces variables et les transmet aux bibliothèques." +#~ "Vous pouvez désactiver complètement les recherches de déréférencement en " +#~ "affectant la valeur 0." diff --git a/src/man/po/ja.po b/src/man/po/ja.po index 1b6e0873278..79827a44b39 100644 --- a/src/man/po/ja.po +++ b/src/man/po/ja.po @@ -6,13 +6,14 @@ # Tadashi Jokagi <elf@poyo.jp>, 2012 # Tomoyuki KATO <tomo@dream.daynight.jp>, 2012-2013 # carrotsoft <www.carrotsoft@gmail.com>, 2012 +# Keiko Moriguchi <kemorigu@redhat.com>, 2019. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" -"PO-Revision-Date: 2014-12-14 11:59+0000\n" -"Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" +"PO-Revision-Date: 2019-05-28 11:45+0000\n" +"Last-Translator: Keiko Moriguchi <kemorigu@redhat.com>\n" "Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/" "ja/)\n" "Language: ja\n" @@ -319,11 +320,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "初期値: true" @@ -342,16 +343,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "初期値: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -376,8 +377,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "初期値: 10" @@ -392,7 +393,7 @@ msgid "The [sssd] section" msgstr "[sssd] セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "セクションのパラメーター" @@ -476,7 +477,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (文字列)" @@ -496,12 +497,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -512,39 +513,39 @@ msgstr "" "manvolnum> </citerefentry> 互換形式。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "ユーザー名" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "SSSD 設定ファイルにおいて指定されるドメイン名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -687,10 +688,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -808,37 +809,21 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:509 -#, fuzzy -#| msgid "" -#| "<quote>ipa</quote> to load maps stored in an IPA server. See " -#| "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring IPA." msgid "" "(NSS Version) This option is ignored, please see <citerefentry> " "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> how to import a Certificate Revocation List (CRL) into a NSS " "database." msgstr "" -"<quote>ipa</quote> は IPA サーバーに保存されているマップを読み込みます。IPA " -"の設定に関する詳細は <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:518 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "(OpenSSL Version) Use the Certificate Revocation List (CRL) from the given " "file during the verification of the certificate. The CRL must be given in " "PEM format, see <citerefentry> <refentrytitle>crl</refentrytitle> " "<manvolnum>1ssl</manvolnum> </citerefentry> for details." msgstr "" -"詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> マニュアルページにある " -"<quote>dns_discovery_domain</quote> パラメーターを参照してください。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 @@ -849,12 +834,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -938,7 +923,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -1022,8 +1007,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "初期値: 60" @@ -1083,8 +1068,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "初期値: 300" @@ -1177,7 +1162,7 @@ msgstr "" "(0 はこの機能を無効にします)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "初期値: 50" @@ -1198,7 +1183,7 @@ msgstr "" "せ)をキャッシュする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "初期値: 15" @@ -1231,11 +1216,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1244,17 +1229,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "初期値: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1262,12 +1247,12 @@ msgstr "" "ションを偽に設定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "fallback_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1276,7 +1261,7 @@ msgstr "" "ホームディレクトリーの標準テンプレートを設定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1284,7 +1269,7 @@ msgstr "" "同じです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1294,23 +1279,23 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "override_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1318,17 +1303,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "allowed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1336,13 +1321,13 @@ msgstr "" "す:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. シェルが <quote>/etc/shells</quote> に存在すると、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1351,7 +1336,7 @@ msgstr "" "ば、shell_fallback パラメーターの値を使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1360,12 +1345,12 @@ msgstr "" "ば、nologin シェルが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1373,12 +1358,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "シェルの空文字列は libc にそのまま渡されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1388,27 +1373,27 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "初期値: 設定されません。ユーザーシェルが自動的に使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "vetoed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "これらのシェルのインスタンスをすべて shell_fallback に置き換えます" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "shell_fallback (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1416,74 +1401,74 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "初期値: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "memcache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1494,48 +1479,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "このオプションはドメインごとに設定できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "PAM 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1544,12 +1529,12 @@ msgstr "" "ために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1558,17 +1543,17 @@ msgstr "" "ラインログインの最終成功からの日数)です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1576,12 +1561,12 @@ msgstr "" "認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1590,7 +1575,7 @@ msgstr "" "渡される分単位の時間です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1601,17 +1586,17 @@ msgstr "" "効にできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "初期値: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1620,42 +1605,42 @@ msgstr "" "きいほどメッセージが表示されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "現在 sssd は以下の値をサポートします:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "初期値: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1664,61 +1649,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1728,7 +1713,7 @@ msgstr "" "されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1741,17 +1726,17 @@ msgstr "" "アプリケーションごとに)制御します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "パスワードの期限が切れる前に N 日間警告を表示します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1761,31 +1746,31 @@ msgstr "" "ことに注意してください。この情報がなければ、sssd は警告を表示します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "初期値: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1795,75 +1780,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "初期値: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1871,19 +1856,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1891,12 +1876,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1904,94 +1889,85 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "初期値: 偽" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 -#, fuzzy -#| msgid "ldap_page_size (integer)" +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" -msgstr "ldap_page_size (整数)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 -#, fuzzy -#| msgid "Comma separated list of users who are allowed to log in." +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." -msgstr "ログインが許可されたユーザーのカンマ区切り一覧です。" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 -#, fuzzy, no-wrap -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " +#: sssd.conf.5.xml:1448 +#, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" " " msgstr "" -"fallback_homedir = /home/%u\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2003,65 +1979,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "pam_id_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "pam_id_timeout (整数)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2069,25 +2043,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "ldap_sudo_ip (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "ldap_sudo_ip (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -2095,7 +2067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2103,7 +2075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2112,12 +2084,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "SUDO 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2128,12 +2100,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "sudo_timed (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2142,12 +2114,12 @@ msgstr "" "を評価するかしないかです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2157,22 +2129,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "Autofs 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "これらのオプションが autofs サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2183,51 +2155,51 @@ msgstr "" "ヒットする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "SSH 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "これらのオプションは SSH サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "初期値: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2236,24 +2208,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2264,7 +2236,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2275,24 +2247,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2300,12 +2272,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2314,24 +2286,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2341,66 +2313,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2408,17 +2380,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2426,7 +2398,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2434,22 +2406,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "ドメインセクション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2458,14 +2430,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2474,31 +2446,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2507,7 +2479,7 @@ msgstr "" "トリーを含む場合、それは無視されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2519,24 +2491,24 @@ msgstr "" "バーに対して、範囲内にあるものは予期されたものとして報告されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "初期値: min_id は 1, max_id は 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "enumerate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2545,29 +2517,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = ユーザーとグループが列挙されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = このドメインに対して列挙しません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "初期値: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2581,7 +2553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2590,7 +2562,7 @@ msgstr "" "れが完了するまで結果を返しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2603,39 +2575,39 @@ msgstr "" "てください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2644,12 +2616,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2658,7 +2630,7 @@ msgstr "" "数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2669,17 +2641,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "初期値: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2688,19 +2660,19 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "初期値: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2709,12 +2681,12 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2723,12 +2695,12 @@ msgstr "" "有効であると考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2737,94 +2709,94 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "初期値: 0 (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "cache_credentials (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか" "を決めます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2832,24 +2804,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2861,17 +2833,17 @@ msgstr "" "offline_credentials_expiration と同等以上でなければいけません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2880,17 +2852,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "初期値: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "id_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -2898,18 +2870,18 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2917,7 +2889,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2928,8 +2900,8 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2942,8 +2914,8 @@ msgstr "" "い。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2954,12 +2926,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -2968,7 +2940,7 @@ msgstr "" "名形式により整形されたように) を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2981,7 +2953,7 @@ msgstr "" "んが、<command>getent passwd test@LOCAL</command> は見つけられます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2989,22 +2961,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3016,7 +2988,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3024,12 +2996,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "auth_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3038,7 +3010,7 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3049,7 +3021,7 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3060,24 +3032,24 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> は明示的に認証を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3086,12 +3058,12 @@ msgstr "" "ならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "access_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3102,7 +3074,7 @@ msgstr "" "えます)。内部の特別プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3111,12 +3083,12 @@ msgstr "" "ロバイダーのみアクセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> は常にアクセスを拒否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3129,7 +3101,7 @@ msgstr "" "citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3137,22 +3109,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "初期値: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "chpass_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3161,7 +3133,7 @@ msgstr "" "パスワード変更プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3169,7 +3141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3180,7 +3152,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3188,12 +3160,12 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3202,19 +3174,19 @@ msgstr "" "うことができるならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "sudo_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー" "は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3225,33 +3197,33 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> は SUDO を明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "初期値: <quote>id_provider</quote> の値が設定されていると使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3262,7 +3234,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3271,12 +3243,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "selinux_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3284,7 +3256,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3292,31 +3264,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "subdomains_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3324,7 +3296,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3333,17 +3305,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> はサブドメインの取り出しを明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3351,37 +3323,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "autofs_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3389,7 +3361,7 @@ msgstr "" "プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3400,7 +3372,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3411,7 +3383,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3419,17 +3391,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> は明示的に autofs を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "hostid_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3438,7 +3410,7 @@ msgstr "" "hostid プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3449,12 +3421,12 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> は明示的に hostid を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3464,7 +3436,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3473,29 +3445,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3506,7 +3478,7 @@ msgstr "" "everything after that\" に解釈されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3516,17 +3488,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "初期値: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "lookup_family_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3535,46 +3507,46 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "サポートする値:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "初期値: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3583,25 +3555,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "初期値: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3610,52 +3582,52 @@ msgstr "" "イン部分を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "初期値: マシンのホスト名のドメイン部分を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "override_gid (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "プライマリー GID の値を指定されたもので上書きします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3663,7 +3635,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3672,17 +3644,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3690,34 +3662,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3725,32 +3697,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "サブドメインのフラット (NetBIOS) 名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3760,48 +3732,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "初期値: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "realmd_tags (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3809,43 +3789,121 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"プロキシドメインに対して有効なオプションです。 <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3856,17 +3914,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "中継するプロキシターゲット PAM です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3875,28 +3933,28 @@ msgstr "" "をここに追加する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " "for example _nss_files_getpwent." msgstr "" -"プロキシードメインにおいて使用する NSS ライブラリーの名前です。ライブラリーに" -"おいて検索する NSS 関数は _nss_$(libName)_$(function) の形式です。たとえば " +"プロキシドメインにおいて使用する NSS ライブラリーの名前です。ライブラリーにお" +"いて検索する NSS 関数は _nss_$(libName)_$(function) の形式です。たとえば " "_nss_files_getpwent です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3905,12 +3963,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3918,7 +3976,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3927,12 +3985,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3949,7 +4007,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3957,17 +4015,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3976,7 +4034,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3986,7 +4044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -4006,12 +4064,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "ローカルドメインのセクション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4022,27 +4080,27 @@ msgstr "" "メインに対する設定を含みます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "default_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "初期値: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "base_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4051,17 +4109,17 @@ msgstr "" "ホームディレクトリーとして使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "初期値: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "create_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4070,17 +4128,17 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "初期値: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "remove_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4089,12 +4147,12 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "homedir_umask (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4105,17 +4163,17 @@ msgstr "" "manvolnum> </citerefentry> により使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "初期値: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "skel_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4128,17 +4186,17 @@ msgstr "" "を含む、スケルトンディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "初期値: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "mail_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4149,17 +4207,17 @@ msgstr "" "が使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "初期値: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "userdel_cmd (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4170,17 +4228,17 @@ msgstr "" "せん。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "初期値: なし、コマンドを実行しません" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4191,64 +4249,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech," +msgstr "ldap_sasl_mech (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4261,24 +4326,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 -#, fuzzy -#| msgid "" -#| "This manual page only describes attribute name mapping. For detailed " -#| "explanation of sudo related attribute semantics, see <citerefentry> " -#| "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -#| "citerefentry>" +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for details)." msgstr "" -"このマニュアルページは属性名マッピングのみを説明します。 sudo に関連する属性" -"セマンティックの詳細な説明は <citerefentry> <refentrytitle>sudoers.ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4287,61 +4343,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 -#, fuzzy -#| msgid "auth_provider (string)" +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" -msgstr "auth_provider (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "ldap_deref (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "ldap_deref (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "ad_domain (string)" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "ad_domain (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4350,19 +4400,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "pam_verbosity (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "pam_verbosity (整数)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4370,28 +4418,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: homeDirectory" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "初期値: homeDirectory" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4400,17 +4446,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "設定オプション" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" +"プロキシドメインに対して有効なオプションです。 <placeholder type=" +"\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" +"プロキシドメインに対して有効なオプションです。 <placeholder type=" +"\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4464,7 +4633,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4473,7 +4642,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4481,7 +4650,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4492,7 +4661,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4506,7 +4675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4675,7 +4844,7 @@ msgstr "" "な LDAP 検索フィルターである必要があります。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "例:" @@ -4774,51 +4943,96 @@ msgstr "初期値: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "The two mechanisms currently supported are:" +msgid "Two modes are currently supported:" +msgstr "現在 2 つのメカニズムがサポートされます:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "初期値: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "LDAP ユーザー操作を実行するために使用される初期バインド DN です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "初期バインド DN の認証トークンの形式です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "現在 2 つのメカニズムがサポートされます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "初期値: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -4827,72 +5041,72 @@ msgstr "" "在サポートされます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "LDAP にあるユーザーエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "初期値: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "ユーザーのログイン名に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "ユーザーの ID に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "初期値: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "ユーザーのプライマリーグループ ID に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "初期値: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4900,79 +5114,79 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "ユーザーの gecos 項目に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "初期値: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "ユーザーのホームディレクトリーの名前を含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "初期値: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "ユーザーの初期シェルのパスを含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "初期値: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -4981,34 +5195,34 @@ msgstr "" "ActiveDirectory サーバーに対してのみ必要です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "親オブジェクトの最終変更のタイムスタンプを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "初期値: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5021,17 +5235,17 @@ msgstr "" "含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "初期値: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5044,17 +5258,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "初期値: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5067,17 +5281,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "初期値: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5090,17 +5304,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "初期値: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5113,17 +5327,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "初期値: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5136,17 +5350,17 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "初期値: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5156,17 +5370,17 @@ msgstr "" "の最終パスワード変更日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "初期値: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5175,17 +5389,17 @@ msgstr "" "ワード失効日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "初期値: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -5194,17 +5408,17 @@ msgstr "" "失効日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "初期値: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5213,17 +5427,17 @@ msgstr "" "ウントの制御ビット項目を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "初期値: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5232,17 +5446,17 @@ msgstr "" "ターがアクセスが許可されるかされないかを決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "初期値: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -5251,17 +5465,17 @@ msgstr "" "かをこの属性が決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "初期値: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -5270,12 +5484,12 @@ msgstr "" "いつまで許可されるのかを決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -5284,41 +5498,41 @@ msgstr "" "れるときの一週間の日の時間を決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "初期値: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "ユーザーの Kerberos User Principal Name (UPN) を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "初期値: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5328,7 +5542,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5336,51 +5550,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "ユーザーの SSH 公開鍵を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5392,12 +5606,12 @@ msgstr "" "場合、このオプションを 0 以外に設定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5405,12 +5619,12 @@ msgstr "" "SSSD が列挙レコードのキャッシュを更新する前に待つ必要がある秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5421,7 +5635,7 @@ msgstr "" "削除する間隔を決めます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5430,43 +5644,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "ユーザーの完全名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "初期値: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "初期値: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5477,7 +5691,7 @@ msgstr "" "authorizedService 属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5486,7 +5700,7 @@ msgstr "" "索します。最後にすべて許可 (*) を検索します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5494,17 +5708,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "初期値: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5515,7 +5729,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -5524,7 +5738,7 @@ msgstr "" "索します。最後にすべて許可 (*) が検索されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5532,17 +5746,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "初期値: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5550,14 +5764,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5565,37 +5779,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5605,82 +5819,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "LDAP にあるグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "初期値: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "グループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "グループの ID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "グループのメンバーの名前を含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "初期値: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5689,24 +5903,24 @@ msgstr "" "ActiveDirectory サーバーに対してのみ必要です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5714,34 +5928,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5752,7 +5966,7 @@ msgstr "" "のオプションは RFC2307 スキーマにおいて効果がありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5762,7 +5976,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5772,86 +5986,86 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "初期値: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "LDAP にあるネットワークグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_object_class が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "初期値: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "ネットワークグループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "IPA プロバイダーにおいては ipa_netgroup_name が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "ネットワークグループのメンバーの名前を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_member が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "初期値: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -5859,96 +6073,96 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "このオプションは IPA プロバイダーにおいて利用可能ではありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "初期値: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "初期値: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" "オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5958,95 +6172,95 @@ msgstr "" "してください。" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "LDAP にあるサービスエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "ldap_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "ldap_service_port (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "このサービスにより管理されるポートを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "初期値: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "このサービスにより認識されるプロトコルを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "初期値: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6054,7 +6268,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6065,12 +6279,12 @@ msgstr "" "かもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6078,12 +6292,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6099,12 +6313,12 @@ msgstr "" "citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6113,12 +6327,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6127,17 +6341,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "初期値: 900 (15 分)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6146,17 +6360,17 @@ msgstr "" "バーは 1 要求あたりの最大数の制限を強制します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "初期値: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6167,7 +6381,7 @@ msgstr "" "ことを報告する場合に、このオプションが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6177,7 +6391,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6188,17 +6402,17 @@ msgstr "" "があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "Active Directory の範囲の取得を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6208,12 +6422,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6221,17 +6435,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6239,13 +6453,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6254,7 +6473,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6262,12 +6481,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6276,7 +6495,7 @@ msgstr "" "クするものを指定します。以下の値のうち 1 つを指定できます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6285,7 +6504,7 @@ msgstr "" "確認しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6296,7 +6515,7 @@ msgstr "" "無視され、セッションが通常通り進められます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6307,7 +6526,7 @@ msgstr "" "ンが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6317,22 +6536,22 @@ msgstr "" "なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "初期値: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6342,7 +6561,7 @@ msgstr "" "書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6351,12 +6570,12 @@ msgstr "" "filename> にあります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6369,32 +6588,32 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "クライアントのキーに対する証明書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "クライアントのキーを含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6402,12 +6621,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6416,12 +6635,12 @@ msgstr "" "用する必要がある id_provider 接続を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6429,18 +6648,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "この機能は現在 ActiveDirectory objectSID マッピングのみサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6451,31 +6670,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +#, fuzzy +#| msgid "" +#| "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +#| "supported." msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." msgstr "" "使用する SASL メカニズムを指定します。現在 GSSAPI のみがテストされサポートさ" "れます。" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6488,29 +6722,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "初期値: host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6518,17 +6752,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "初期値: krb5_realm の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6537,64 +6771,74 @@ msgstr "" "するために逆引きを実行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "初期値: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +#, fuzzy +#| msgid "Specify the keytab to use when using SASL/GSSAPI." +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 +#, fuzzy +#| msgid "" +#| "Specifies that the id_provider should init Kerberos credentials (TGT). " +#| "This action is performed only if SASL is used and the mechanism selected " +#| "is GSSAPI." msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" "Kerberos クレディンシャル (TGT) を初期化する id_provider を指定します。この操" "作は、 SASL が使用され、選択されたメカニズムが GSSAPI である場合のみ実行され" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +#, fuzzy +#| msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "初期値: 86400 (24 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6606,7 +6850,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6617,7 +6861,7 @@ msgstr "" "ば _tcp にフォールバックします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6628,27 +6872,29 @@ msgstr "" "quote> を使用するよう設定ファイルを移行することが推奨されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +#, fuzzy +#| msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6657,12 +6903,12 @@ msgstr "" "します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6672,7 +6918,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6683,12 +6929,12 @@ msgstr "" "manvolnum> </citerefentry> マニュアルページを参照ください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6697,7 +6943,7 @@ msgstr "" "す。以下の値が許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6706,7 +6952,7 @@ msgstr "" "ンはサーバー側のパスワードポリシーを無効にできません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6717,7 +6963,7 @@ msgstr "" "manvolnum></citerefentry> 形式の属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6728,24 +6974,24 @@ msgstr "" "とき、これらの属性を更新するために chpass_provider=krb5 を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "自動参照追跡が有効化されるかを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6754,7 +7000,7 @@ msgstr "" "sssd のみが参照追跡をサポートすることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6763,28 +7009,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "サービス検索が有効にされているときに使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "初期値: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6793,29 +7039,29 @@ msgstr "" "を検索するために使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6831,12 +7077,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6845,14 +7091,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6861,17 +7107,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "初期値: 空白" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6880,7 +7126,7 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6891,12 +7137,12 @@ msgstr "" "否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "以下の値が許可されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6905,7 +7151,7 @@ msgstr "" "ldap_user_shadow_expire の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6914,7 +7160,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6925,7 +7171,7 @@ msgstr "" "ldap_ns_account_lock の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6938,7 +7184,7 @@ msgstr "" "クセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6946,23 +7192,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6972,14 +7218,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6992,12 +7238,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7007,7 +7253,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7017,20 +7263,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7039,44 +7285,44 @@ msgstr "" "authorizedService 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "初期値: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "値が複数使用されていると設定エラーになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7085,22 +7331,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "ldap_deref (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7109,12 +7355,12 @@ msgstr "" "ションが許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7123,7 +7369,7 @@ msgstr "" "決されますが、検索のベースオブジェクトの位置を探すときはされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7132,7 +7378,7 @@ msgstr "" "すときのみ参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7141,7 +7387,7 @@ msgstr "" "きも位置を検索するときも参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7150,19 +7396,19 @@ msgstr "" "して取り扱われます)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7173,7 +7419,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7181,24 +7427,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7218,12 +7464,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "SUDO オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7231,52 +7477,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "初期値: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "sudo ルール名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "コマンド名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "初期値: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7285,17 +7531,17 @@ msgstr "" "クグループ)に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "初期値: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7304,49 +7550,49 @@ msgstr "" "る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "初期値: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "sudo オプションに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "初期値: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "初期値: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7354,34 +7600,34 @@ msgstr "" "コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "初期値: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "初期値: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7390,39 +7636,39 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "初期値: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "初期値: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7431,49 +7677,59 @@ msgstr "" "ります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "初期値: 21600 (6 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7482,15 +7738,15 @@ msgstr "" "区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7499,17 +7755,17 @@ msgstr "" "ならば、このオプションは効果を持ちません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "初期値: 指定なし" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7518,7 +7774,7 @@ msgstr "" "アドレスの空白区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7526,38 +7782,38 @@ msgstr "" "このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7569,87 +7825,87 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "AUTOFS オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "LDAP における automount のマップエントリーの名前です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -7658,24 +7914,24 @@ msgstr "" "ントと対応します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7684,32 +7940,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "高度なオプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7718,22 +7974,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7742,14 +7998,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "例" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7760,7 +8016,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7773,27 +8029,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7809,13 +8065,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "注記" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8040,17 +8296,15 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:211 -#, fuzzy -#| msgid "<option>use_authtok</option>" msgid "<option>try_cert_auth</option>" -msgstr "<option>use_authtok</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:215 msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -8063,10 +8317,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:231 -#, fuzzy -#| msgid "<option>quiet</option>" msgid "<option>require_cert_auth</option>" -msgstr "<option>quiet</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:235 @@ -8101,13 +8353,22 @@ msgstr "" "すべてのモジュール形式 (<option>account</option>, <option>auth</option>, " "<option>password</option> および <option>session</option>) が提供されます。" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "ファイル" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -8118,7 +8379,7 @@ msgstr "" "ば、このメッセージはパスワードをリセットする方法に関する説明があります。" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -8130,7 +8391,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8183,34 +8444,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -8218,7 +8489,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -8231,7 +8502,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8243,7 +8514,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -8252,13 +8523,22 @@ msgstr "" "セージが標準エラーに送られます。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9393,7 +9673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "dyndns_update (論理値)" @@ -9408,7 +9688,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9426,12 +9706,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9452,12 +9732,12 @@ msgid "Default: 1200 (seconds)" msgstr "初期値: 1200 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9481,17 +9761,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9499,7 +9779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -9526,7 +9806,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (整数)" @@ -9539,12 +9819,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9563,12 +9843,12 @@ msgid "Default: False (disabled)" msgstr "初期値: False (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -9577,50 +9857,48 @@ msgstr "" "どうか。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 -#, fuzzy -#| msgid "dyndns_update (boolean)" +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" -msgstr "dyndns_update (論理値)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9744,26 +10022,26 @@ msgstr "" "めに使用するベース DN に変換されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9782,7 +10060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "初期値: 5 (秒)" @@ -10096,36 +10374,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"これらの設定オプションはドメイン設定のセクション、つまり <quote>[domain/" -"<replaceable>NAME</replaceable>]</quote> に存在します <placeholder type=" -"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:758 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> マニュアルページにある " -"<quote>dns_discovery_domain</quote> パラメーターを参照してください。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:768 @@ -10152,10 +10414,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:782 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 @@ -10164,24 +10424,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:788 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:791 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:794 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:803 @@ -10683,10 +10937,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -#, fuzzy -#| msgid "ldap_id_mapping (boolean)" msgid "ad_gpo_implicit_deny (boolean)" -msgstr "ldap_id_mapping (論理値)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 @@ -10700,12 +10952,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +#, fuzzy +#| msgid "ldap_referrals (boolean)" +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "ldap_referrals (論理値)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10713,12 +10982,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10726,14 +10995,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10741,7 +11010,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10753,42 +11022,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10796,7 +11065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10804,7 +11073,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10812,7 +11081,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10824,22 +11093,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10847,7 +11116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10855,7 +11124,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10863,7 +11132,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10875,22 +11144,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10898,14 +11167,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10913,7 +11182,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10925,23 +11194,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10949,14 +11218,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10964,7 +11233,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10975,19 +11244,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10995,7 +11264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11007,29 +11276,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11037,12 +11306,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11055,57 +11324,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11113,17 +11382,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11133,12 +11402,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11149,19 +11418,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "初期値: 3600 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11171,12 +11440,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "初期値: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11187,7 +11456,7 @@ msgstr "" "AD プロバイダー固有のオプションのみ示してします。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11211,7 +11480,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11223,7 +11492,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11231,7 +11500,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11241,7 +11510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11657,10 +11926,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "<option>-c</option>,<option>--config</option>" msgid "<option>-g</option>,<option>--genconf</option>" -msgstr "<option>-c</option>,<option>--config</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -11671,10 +11938,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "<option>-s</option>,<option>--stdin</option>" msgid "<option>-s</option>,<option>--genconf-section</option>" -msgstr "<option>-s</option>,<option>--stdin</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -12887,11 +13152,67 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 +#, fuzzy +#| msgid "krb5_ccachedir (string)" +msgid "krb5_kdcinfo_lookahead (string)" +msgstr "krb5_ccachedir (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:508 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" +"位置情報プラグインの詳細は <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> マニュアルページを参照ください。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" +"位置情報プラグインの詳細は <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> マニュアルページを参照ください。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "初期値: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:508 +#: sssd-krb5.5.xml:542 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -12901,12 +13222,12 @@ msgstr "" "してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12914,12 +13235,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12929,7 +13250,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12937,7 +13258,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12962,7 +13283,7 @@ msgstr "" "quote> を参照してください。 <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12974,7 +13295,7 @@ msgstr "" "の設定のみを示し、識別プロバイダーを何も含みません。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -14257,22 +14578,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-k</option>,<option>--kick</option>" msgid "<option>-k</option>,<option>--pubkey</option>" -msgstr "<option>-k</option>,<option>--kick</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." msgstr "" -"SSSD ドメイン <replaceable>DOMAIN</replaceable> においてホスト公開鍵を検索し" -"ます。" #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -14423,22 +14736,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:58 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" msgid "" "Please note that some distributions enable the files domain automatically, " "prepending the domain before any explicitly configured domains. See " "enable_files_domain in <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" -"ホームディレクトリーが <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> により作成されると" -"き、ユーザーのホームディレクトリーにコピーされるファイルおよびディレクトリー" -"を含む、スケルトンディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:67 @@ -17085,21 +17388,13 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "NSS configuration options" msgid "NSS configuration" -msgstr "NSS 設定オプション" +msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 -#, fuzzy -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " msgid "fallback_homedir = /home/%d/%u" msgstr "" -"fallback_homedir = /home/%u\n" -" " #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:87 @@ -17213,31 +17508,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "関連注記: 古いバージョンの libpcre はサブパターンをラベル付けするために " -#~ "Python 構文 (?P<name>) のみをサポートします。" - -#~ msgid "ldap_groups_use_matching_rule_in_chain" -#~ msgstr "ldap_groups_use_matching_rule_in_chain" - -#~ msgid "ldap_initgroups_use_matching_rule_in_chain" -#~ msgstr "ldap_initgroups_use_matching_rule_in_chain" - -#~ msgid "" -#~ "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum> </citerefentry> puts the Realm and the name or IP address of " -#~ "the KDC into the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC " -#~ "respectively. When <command>sssd_krb5_locator_plugin</command> is called " -#~ "by the kerberos libraries it reads and evaluates these variables and " -#~ "returns them to the libraries." -#~ msgstr "" -#~ "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum> </citerefentry> は、レルム、および KDC の名前または IP アドレス" -#~ "を、それぞれ SSSD_KRB5_REALM および SSSD_KRB5_KDC の中に置きます。" -#~ "<command>sssd_krb5_locator_plugin</command> が Kerberos ライブラリーにより" -#~ "呼び出されるとき、それがこれらの変数を読み込み、評価し、ライブラリーに返し" -#~ "ます。" diff --git a/src/man/po/lv.po b/src/man/po/lv.po index ed4246bd34d..da8d728a183 100644 --- a/src/man/po/lv.po +++ b/src/man/po/lv.po @@ -7,9 +7,9 @@ # Kristaps, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2014-12-15 12:00+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Latvian (http://www.transifex.com/projects/p/sssd/language/" @@ -295,11 +295,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -318,16 +318,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -352,8 +352,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Noklusējuma: 10" @@ -368,7 +368,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "" @@ -448,7 +448,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "" @@ -468,12 +468,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -481,39 +481,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -637,10 +637,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -783,12 +783,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -872,7 +872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -948,8 +948,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "Noklusējuma: 60" @@ -1009,8 +1009,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Noklusējuma: 300" @@ -1087,7 +1087,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1105,7 +1105,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "Noklusējuma: 15" @@ -1138,11 +1138,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1151,41 +1151,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1193,23 +1193,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1217,47 +1217,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1265,112 +1265,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1381,96 +1381,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "Noklusējuma: 0 (bez ierobežojuma)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1478,59 +1478,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "Noklusējuma: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1539,61 +1539,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1601,7 +1601,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1610,17 +1610,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1628,31 +1628,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1662,75 +1662,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1738,19 +1738,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1758,12 +1758,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1771,77 +1771,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1849,7 +1849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1861,65 +1861,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "noildze (vesels skaitlis)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1927,23 +1925,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1951,7 +1949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1959,7 +1957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1968,12 +1966,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1984,24 +1982,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2011,22 +2009,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2034,51 +2032,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2087,24 +2085,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2115,7 +2113,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2126,24 +2124,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2151,12 +2149,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2165,24 +2163,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2192,66 +2190,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2259,17 +2257,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2277,7 +2275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2285,22 +2283,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2309,14 +2307,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2325,38 +2323,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2365,24 +2363,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2391,29 +2389,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2427,14 +2425,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2443,39 +2441,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2484,19 +2482,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2507,151 +2505,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2659,24 +2657,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2685,17 +2683,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "Noklusējuma: 0 (neierobežots)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2704,34 +2702,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2739,7 +2737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2747,8 +2745,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2757,8 +2755,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2766,19 +2764,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2787,7 +2785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2795,22 +2793,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2822,7 +2820,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2830,19 +2828,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2850,7 +2848,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2858,35 +2856,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2894,19 +2892,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2915,7 +2913,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2923,29 +2921,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "Noklusējuma: <quote>atļaut</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2953,7 +2951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2961,35 +2959,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2997,32 +2995,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3033,7 +3031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3042,12 +3040,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3055,7 +3053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3063,31 +3061,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3095,7 +3093,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3104,17 +3102,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3122,43 +3120,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3166,7 +3164,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3174,7 +3172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3182,24 +3180,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3207,12 +3205,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3222,7 +3220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3231,29 +3229,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3261,7 +3259,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3271,59 +3269,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "Atbalstītās vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3332,77 +3330,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Noklusējuma: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3410,7 +3408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3419,17 +3417,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3437,34 +3435,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3472,32 +3470,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3507,47 +3505,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3555,43 +3561,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3599,29 +3677,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3629,12 +3707,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3643,12 +3721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3656,19 +3734,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3685,7 +3763,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3693,17 +3771,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3712,7 +3790,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3722,7 +3800,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3742,12 +3820,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3755,73 +3833,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "Noklusējuma: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3829,17 +3907,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "Noklusējuma: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3848,17 +3926,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "Noklusējuma: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3866,17 +3944,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "Noklusējuma: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3884,17 +3962,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3905,64 +3983,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3975,7 +4058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3983,7 +4066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -3992,57 +4075,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3503 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "domains" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "domēni" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4051,19 +4132,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "timeout (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "noildze (vesels skaitlis)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4071,28 +4150,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: 0 (No limit)" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "Noklusējuma: 0 (bez ierobežojuma)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4101,17 +4178,128 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "KONFIGURĒŠANAS IESPĒJAS" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "parole" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4141,7 +4329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4150,7 +4338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4158,7 +4346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4169,7 +4357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4183,7 +4371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4333,7 +4521,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4428,123 +4616,166 @@ msgstr "Noklusējuma: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "The two mechanisms currently supported are:" +msgid "Two modes are currently supported:" +msgstr "Divi pašlaik atbalstītie mehānismi ir:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 1" +msgid "Default: exop" +msgstr "Noklusējuma: 1" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Divi pašlaik atbalstītie mehānismi ir:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "parole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Noklusējuma: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4552,113 +4783,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4667,17 +4898,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4686,17 +4917,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Noklusējuma: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4705,17 +4936,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Noklusējuma: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4724,17 +4955,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4743,17 +4974,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4762,17 +4993,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4780,155 +5011,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4938,7 +5169,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4946,51 +5177,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4999,24 +5230,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5024,7 +5255,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5033,43 +5264,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5077,14 +5308,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5092,17 +5323,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5110,14 +5341,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5125,17 +5356,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5143,14 +5374,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5158,37 +5389,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5198,106 +5429,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Noklusējuma: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5305,34 +5536,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5340,7 +5571,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5350,7 +5581,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5360,177 +5591,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5538,95 +5769,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5634,7 +5865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5642,12 +5873,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5655,12 +5886,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5671,12 +5902,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5685,12 +5916,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5699,34 +5930,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5734,14 +5965,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5749,17 +5980,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5769,12 +6000,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5782,17 +6013,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5800,13 +6031,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5815,7 +6051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5823,26 +6059,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5850,7 +6086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5858,7 +6094,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5866,41 +6102,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5909,32 +6145,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5942,24 +6178,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5967,17 +6203,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5988,29 +6224,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6023,29 +6270,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6053,77 +6300,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "Noklusējuma: 86400 (24 stundas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6135,7 +6383,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6143,7 +6391,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6151,39 +6399,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6193,7 +6441,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6201,26 +6449,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6228,7 +6476,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6236,31 +6484,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6269,56 +6517,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "Noklusējuma: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6334,12 +6582,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "Piemērs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6348,14 +6596,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6364,24 +6612,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6389,19 +6637,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "Atļautas šādas vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6410,7 +6658,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6418,7 +6666,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6427,7 +6675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6435,22 +6683,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6460,14 +6708,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6480,12 +6728,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6495,7 +6743,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6505,63 +6753,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "Noklusējuma: filtrēt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6570,74 +6818,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6648,7 +6896,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6656,24 +6904,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6688,12 +6936,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6701,317 +6949,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7020,111 +7278,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7133,32 +7391,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "PAPLAŠINĀTĀS IESPĒJAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7167,22 +7425,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7191,14 +7449,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "PIEMĒRS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7206,7 +7464,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7219,27 +7477,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7255,13 +7513,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "PIEZĪMES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7466,17 +7724,15 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:211 -#, fuzzy -#| msgid "<option>use_authtok</option>" msgid "<option>try_cert_auth</option>" -msgstr "<option>use_authtok</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:215 msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7489,10 +7745,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:231 -#, fuzzy -#| msgid "<option>use_authtok</option>" msgid "<option>require_cert_auth</option>" -msgstr "<option>use_authtok</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:235 @@ -7525,13 +7779,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7539,7 +7802,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7551,7 +7814,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7601,34 +7864,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7636,7 +7909,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7649,7 +7922,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7657,20 +7930,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8767,7 +9049,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8782,7 +9064,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8797,12 +9079,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8823,12 +9105,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8852,17 +9134,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8870,7 +9152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8897,7 +9179,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8910,12 +9192,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8934,60 +9216,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9101,26 +9383,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9139,7 +9421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -10015,12 +10297,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10028,12 +10325,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10041,14 +10338,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10056,7 +10353,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10068,42 +10365,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10111,7 +10408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10119,7 +10416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10127,7 +10424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10139,22 +10436,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10162,7 +10459,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10170,7 +10467,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10178,7 +10475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10190,22 +10487,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10213,14 +10510,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10228,7 +10525,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10240,23 +10537,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10264,14 +10561,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10279,7 +10576,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10290,19 +10587,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10310,7 +10607,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10322,29 +10619,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10352,12 +10649,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10370,57 +10667,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10428,17 +10725,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10448,12 +10745,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10464,19 +10761,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10486,12 +10783,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10499,7 +10796,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10514,7 +10811,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10523,7 +10820,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10531,7 +10828,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10541,7 +10838,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12025,23 +12322,61 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 1" +msgid "Default: 3:1" +msgstr "Noklusējuma: 1" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12049,12 +12384,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12064,7 +12399,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12072,7 +12407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12092,7 +12427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12101,7 +12436,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" diff --git a/src/man/po/nl.po b/src/man/po/nl.po index 6887a40e0ab..ab9a2fd4e6b 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -6,9 +6,9 @@ # Wijnand Modderman-Lenstra <accounts-transifex@maze.io>, 2011 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2014-12-15 12:02+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -318,11 +318,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Standaard: true" @@ -341,16 +341,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -375,8 +375,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -391,7 +391,7 @@ msgid "The [sssd] section" msgstr "De [sssd] sectie" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "Sectie parameters" @@ -475,7 +475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (tekst)" @@ -495,12 +495,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -508,39 +508,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -678,10 +678,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -824,12 +824,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -913,7 +913,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -989,8 +989,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -1050,8 +1050,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1132,7 +1132,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1150,7 +1150,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "" @@ -1183,11 +1183,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1196,41 +1196,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1238,23 +1238,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1262,47 +1262,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1310,112 +1310,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1426,96 +1426,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1523,59 +1523,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1584,61 +1584,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1646,7 +1646,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1655,17 +1655,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1673,31 +1673,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "Standaard: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1707,75 +1707,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1783,19 +1783,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1803,12 +1803,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1816,77 +1816,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1894,7 +1894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1906,65 +1906,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1972,25 +1970,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "re_expression (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "re_expression (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1998,7 +1994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2006,7 +2002,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2015,12 +2011,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2031,24 +2027,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2058,22 +2054,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2081,51 +2077,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2134,24 +2130,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2162,7 +2158,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2173,24 +2169,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2198,12 +2194,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2212,24 +2208,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2239,66 +2235,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2306,17 +2302,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2324,7 +2320,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2332,22 +2328,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2356,14 +2352,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2372,38 +2368,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2412,24 +2408,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2438,29 +2434,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2474,14 +2470,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2490,39 +2486,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2531,19 +2527,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2554,151 +2550,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2706,24 +2702,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2732,17 +2728,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2751,34 +2747,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2786,7 +2782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2794,8 +2790,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2804,8 +2800,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2813,19 +2809,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2834,7 +2830,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2842,22 +2838,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2869,7 +2865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2877,19 +2873,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2897,7 +2893,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2905,35 +2901,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2941,19 +2937,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2962,7 +2958,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2970,29 +2966,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3000,7 +2996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3008,35 +3004,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3044,32 +3040,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3080,7 +3076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3089,12 +3085,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3102,7 +3098,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3110,31 +3106,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3142,7 +3138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3151,17 +3147,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3169,43 +3165,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3213,7 +3209,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3221,7 +3217,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3229,24 +3225,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3254,12 +3250,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3269,7 +3265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3278,29 +3274,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3311,7 +3307,7 @@ msgstr "" "het domein alles daarna\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3321,59 +3317,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standaard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3382,77 +3378,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3460,7 +3456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3469,17 +3465,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3487,34 +3483,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3522,32 +3518,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3557,47 +3553,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3605,43 +3609,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3649,29 +3725,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3679,12 +3755,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3693,12 +3769,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3706,19 +3782,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3735,7 +3811,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3743,17 +3819,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3762,7 +3838,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3772,7 +3848,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3792,12 +3868,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3805,73 +3881,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3879,17 +3955,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3898,17 +3974,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3916,17 +3992,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3934,17 +4010,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3955,64 +4031,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4025,7 +4106,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4033,7 +4114,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4042,59 +4123,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "re_expression (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "re_expression (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "domains" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "domeinen" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4103,19 +4180,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "reconnection_retries (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "reconnection_retries (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4123,26 +4198,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4151,17 +4226,124 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +msgid "password_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4191,7 +4373,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4200,7 +4382,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4208,7 +4390,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4219,7 +4401,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4233,7 +4415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4383,7 +4565,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4478,123 +4660,164 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "Standaard: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4602,113 +4825,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4717,17 +4940,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4736,17 +4959,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4755,17 +4978,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4774,17 +4997,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4793,17 +5016,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4812,17 +5035,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4830,155 +5053,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4988,7 +5211,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4996,51 +5219,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5049,24 +5272,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5074,7 +5297,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5083,43 +5306,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5127,14 +5350,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5142,17 +5365,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5160,14 +5383,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5175,17 +5398,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5193,14 +5416,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5208,37 +5431,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5248,106 +5471,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5355,34 +5578,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5390,7 +5613,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5400,7 +5623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5410,177 +5633,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5588,95 +5811,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5684,7 +5907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5692,12 +5915,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5705,12 +5928,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5721,12 +5944,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5735,12 +5958,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5749,34 +5972,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5784,14 +6007,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5799,17 +6022,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5819,12 +6042,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5832,17 +6055,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5850,13 +6073,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5865,7 +6093,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5873,26 +6101,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5900,7 +6128,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5908,7 +6136,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5916,41 +6144,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5959,32 +6187,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5992,24 +6220,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6017,17 +6245,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6038,29 +6266,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6073,29 +6312,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6103,77 +6342,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6185,7 +6425,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6193,7 +6433,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6201,39 +6441,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6243,7 +6483,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6251,26 +6491,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6278,7 +6518,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6286,31 +6526,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6319,56 +6559,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6384,12 +6624,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6398,14 +6638,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6414,24 +6654,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6439,19 +6679,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6460,7 +6700,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6468,7 +6708,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6477,7 +6717,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6485,22 +6725,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6510,14 +6750,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6530,12 +6770,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6545,7 +6785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6555,63 +6795,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6620,74 +6860,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6698,7 +6938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6706,24 +6946,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6738,12 +6978,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6751,317 +6991,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7070,111 +7320,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7183,32 +7433,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7217,22 +7467,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7241,14 +7491,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7256,7 +7506,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7269,27 +7519,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7305,13 +7555,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7524,7 +7774,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7571,13 +7821,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7585,7 +7844,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7597,7 +7856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7647,34 +7906,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7682,7 +7951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7695,7 +7964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7703,20 +7972,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8813,7 +9091,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8828,7 +9106,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8843,12 +9121,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8869,12 +9147,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8898,17 +9176,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8916,7 +9194,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8943,7 +9221,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8956,12 +9234,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8980,60 +9258,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9147,26 +9425,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9185,7 +9463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -10061,12 +10339,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10074,12 +10367,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10087,14 +10380,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10102,7 +10395,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10114,42 +10407,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10157,7 +10450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10165,7 +10458,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10173,7 +10466,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10185,22 +10478,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10208,7 +10501,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10216,7 +10509,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10224,7 +10517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10236,22 +10529,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10259,14 +10552,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10274,7 +10567,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10286,23 +10579,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10310,14 +10603,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10325,7 +10618,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10336,19 +10629,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10356,7 +10649,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10368,29 +10661,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10398,12 +10691,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10416,57 +10709,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10474,17 +10767,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10494,12 +10787,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10510,19 +10803,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10532,12 +10825,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10545,7 +10838,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10560,7 +10853,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10569,7 +10862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10577,7 +10870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10587,7 +10880,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10973,14 +11266,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-g</option>,<option>--genconf</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROEPEN</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -10991,14 +11278,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-s</option>,<option>--genconf-section</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROEPEN</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -12083,23 +12364,61 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Standaard: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12107,12 +12426,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12122,7 +12441,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12130,7 +12449,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12150,7 +12469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12159,7 +12478,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -13332,14 +13651,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROEPEN</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 @@ -16105,10 +16418,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "NSS configuration options" msgid "NSS configuration" -msgstr "NSS configuratie-opties" +msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 @@ -16227,10 +16538,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "MER OOK OP: oudere versies van libpcre ondersteunen alleen de Pyton " -#~ "syntaxis (?P<name>) om subpatronen aan te geven." diff --git a/src/man/po/pt.po b/src/man/po/pt.po index 7533b44f28c..f4c4e07868f 100644 --- a/src/man/po/pt.po +++ b/src/man/po/pt.po @@ -6,9 +6,9 @@ # Miguel Sousa <migueljorgesousa@sapo.pt>, 2011 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2014-12-15 12:05+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -313,11 +313,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -336,16 +336,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Padrão: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -370,8 +370,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Padrão: 10" @@ -386,7 +386,7 @@ msgid "The [sssd] section" msgstr "A seção [SSSD]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "Parâmetros de secção" @@ -470,7 +470,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (string)" @@ -490,12 +490,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -503,39 +503,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -659,10 +659,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -805,12 +805,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -894,7 +894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -970,8 +970,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "Padrão: 60" @@ -1031,8 +1031,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Padrão: 300" @@ -1109,7 +1109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "Padrão: 50" @@ -1127,7 +1127,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "" @@ -1160,11 +1160,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1173,41 +1173,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1215,23 +1215,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1239,47 +1239,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "allowed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1287,112 +1287,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "vetoed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "shell_fallback (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "Padrão: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1403,96 +1403,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1500,59 +1500,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "Padrão: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1561,61 +1561,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1623,7 +1623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1632,17 +1632,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1650,31 +1650,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1684,75 +1684,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "Padrão: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1760,19 +1760,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1780,12 +1780,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1793,79 +1793,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 -#, fuzzy -#| msgid "ldap_page_size (integer)" +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" -msgstr "ldap_page_size (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1873,7 +1871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1885,65 +1883,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "pam_id_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "pam_id_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1951,25 +1947,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "ldap_deref (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "ldap_deref (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1977,7 +1971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1985,7 +1979,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1994,12 +1988,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2010,24 +2004,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2037,22 +2031,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2060,51 +2054,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2113,24 +2107,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2141,7 +2135,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2152,24 +2146,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2177,12 +2171,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2191,24 +2185,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2218,66 +2212,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2285,17 +2279,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2303,7 +2297,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2311,22 +2305,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "SECÇÕES DE DOMÍNIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2335,14 +2329,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2351,38 +2345,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2391,24 +2385,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2417,29 +2411,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "Padrão: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2453,14 +2447,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2469,39 +2463,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2510,19 +2504,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2533,151 +2527,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "Padrão: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2685,24 +2679,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2711,17 +2705,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "Padrão: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2730,34 +2724,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "id_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2765,7 +2759,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2773,8 +2767,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2783,8 +2777,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2792,19 +2786,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2813,7 +2807,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2821,22 +2815,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2848,7 +2842,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2856,19 +2850,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "auth_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2876,7 +2870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2884,35 +2878,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2920,19 +2914,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2941,7 +2935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2949,29 +2943,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2979,7 +2973,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2987,35 +2981,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3023,32 +3017,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3059,7 +3053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3068,12 +3062,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3081,7 +3075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3089,31 +3083,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3121,7 +3115,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3130,17 +3124,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3148,43 +3142,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3192,7 +3186,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3200,7 +3194,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3208,24 +3202,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3233,12 +3227,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3248,7 +3242,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3257,29 +3251,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3287,7 +3281,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3297,59 +3291,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Default: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "Default: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3358,77 +3352,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Padrão: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "override_gid (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3436,7 +3430,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3445,17 +3439,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3463,34 +3457,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3498,32 +3492,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3533,47 +3527,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3581,43 +3583,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3625,29 +3699,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3655,12 +3729,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3669,12 +3743,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3682,19 +3756,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3711,7 +3785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3719,17 +3793,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3738,7 +3812,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3748,7 +3822,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3768,12 +3842,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "A secção de domínio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3781,73 +3855,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "default_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "Padrão: <filename>bash/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "base_directory (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "Padrão: <filename>/ home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "homedir_umask (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3855,17 +3929,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "Padrão: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "skel_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3874,17 +3948,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "Padrão: <filename>skel/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "mail_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3892,17 +3966,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "Padrão: <filename>mail/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "userdel_cmd (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3910,17 +3984,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "Padrão: None, nenhum comando é executado" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3931,64 +4005,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech," +msgstr "ldap_sasl_mech (string)" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4001,7 +4082,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4009,7 +4090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4018,61 +4099,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 -#, fuzzy -#| msgid "auth_provider (string)" +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" -msgstr "auth_provider (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "ldap_deref (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "ldap_deref (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "ipa_domain (string)" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "ipa_domain (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4081,19 +4156,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "timeout (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4101,28 +4174,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: homeDirectory" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "Padrão: homeDirectory" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4131,17 +4202,126 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "OPÇÕES DE CONFIGURAÇÃO" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +msgid "password_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4195,7 +4375,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4204,7 +4384,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4212,7 +4392,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4223,7 +4403,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4237,7 +4417,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4387,7 +4567,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemplos:" @@ -4486,123 +4666,166 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_pwd_policy (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "Padrão: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4610,113 +4833,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Padrão: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Padrão: diret" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "Padrão: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4725,17 +4948,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Padrão: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4744,17 +4967,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Padrão: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4763,17 +4986,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Padrão: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4782,17 +5005,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Padrão: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4801,17 +5024,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Padrão: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4820,17 +5043,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Padrão: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4838,155 +5061,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Padrão: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Padrão: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Padrão: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4996,7 +5219,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5004,51 +5227,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5057,24 +5280,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5082,7 +5305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5091,43 +5314,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "Padrão: NC" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5135,14 +5358,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5150,17 +5373,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5168,14 +5391,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5183,17 +5406,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Padrão: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5201,14 +5424,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5216,37 +5439,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5256,106 +5479,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5363,34 +5586,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5398,7 +5621,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5408,7 +5631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5418,177 +5641,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "Padrão: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5596,95 +5819,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5692,7 +5915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5700,12 +5923,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5713,12 +5936,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5729,12 +5952,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5743,12 +5966,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5757,34 +5980,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "Padrão: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5792,14 +6015,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5807,17 +6030,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5827,12 +6050,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5840,17 +6063,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5858,13 +6081,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5873,7 +6101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5881,19 +6109,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5902,7 +6130,7 @@ msgstr "" "qualquer certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5910,7 +6138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5918,7 +6146,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5926,41 +6154,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "Padrão: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5969,32 +6197,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6002,24 +6230,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6027,17 +6255,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6048,29 +6276,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6083,29 +6322,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6113,78 +6352,79 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "Padrão: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "Padrão: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6196,7 +6436,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6204,7 +6444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6212,39 +6452,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6254,7 +6494,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6262,26 +6502,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6289,7 +6529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6297,31 +6537,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6330,56 +6570,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6395,12 +6635,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6409,14 +6649,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6425,24 +6665,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6450,19 +6690,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6471,7 +6711,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6479,7 +6719,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6488,7 +6728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6496,22 +6736,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6521,14 +6761,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6541,12 +6781,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6556,7 +6796,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6566,63 +6806,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "Padrão: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6631,74 +6871,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "ldap_deref (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6709,7 +6949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6717,24 +6957,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6749,12 +6989,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6762,317 +7002,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7081,111 +7331,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7194,32 +7444,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "OPÇÕES AVANÇADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7228,22 +7478,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7252,14 +7502,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7267,7 +7517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7280,27 +7530,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7316,13 +7566,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7527,17 +7777,15 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:211 -#, fuzzy -#| msgid "<option>use_authtok</option>" msgid "<option>try_cert_auth</option>" -msgstr "<option>use_authtok</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:215 msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7550,10 +7798,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:231 -#, fuzzy -#| msgid "<option>quiet</option>" msgid "<option>require_cert_auth</option>" -msgstr "<option>quiet</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:235 @@ -7586,13 +7832,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "FICHEIROS" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7600,7 +7855,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7612,7 +7867,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7662,34 +7917,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7697,7 +7962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7710,7 +7975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7718,20 +7983,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8828,7 +9102,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8843,7 +9117,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8858,12 +9132,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8884,12 +9158,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8913,17 +9187,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8931,7 +9205,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8958,7 +9232,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8971,12 +9245,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8995,60 +9269,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9162,26 +9436,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9200,7 +9474,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -9561,24 +9835,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:788 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:791 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:794 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:803 @@ -10067,10 +10335,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -#, fuzzy -#| msgid "ldap_krb5_init_creds (boolean)" msgid "ad_gpo_implicit_deny (boolean)" -msgstr "ldap_krb5_init_creds (boolean)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 @@ -10084,12 +10350,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +#, fuzzy +#| msgid "ldap_force_upper_case_realm (boolean)" +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "ldap_force_upper_case_realm (boolean)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10097,12 +10380,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10110,14 +10393,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10125,7 +10408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10137,42 +10420,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10180,7 +10463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10188,7 +10471,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10196,7 +10479,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10208,22 +10491,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10231,7 +10514,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10239,7 +10522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10247,7 +10530,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10259,22 +10542,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10282,14 +10565,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10297,7 +10580,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10309,23 +10592,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10333,14 +10616,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10348,7 +10631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10359,19 +10642,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10379,7 +10662,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10391,29 +10674,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10421,12 +10704,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10439,57 +10722,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10497,17 +10780,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10517,12 +10800,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10533,19 +10816,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10555,12 +10838,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10568,7 +10851,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10583,7 +10866,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10592,7 +10875,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10600,7 +10883,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10610,7 +10893,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11000,10 +11283,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "<option>-c</option>,<option>--config</option>" msgid "<option>-g</option>,<option>--genconf</option>" -msgstr "<option>-c</option>,<option>--config</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -11014,10 +11295,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "<option>-s</option>,<option>--stdin</option>" msgid "<option>-s</option>,<option>--genconf-section</option>" -msgstr "<option>-s</option>,<option>--stdin</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -12108,23 +12387,63 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 +#, fuzzy +#| msgid "krb5_ccachedir (string)" +msgid "krb5_kdcinfo_lookahead (string)" +msgstr "krb5_ccachedir (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:508 +msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Padrão: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:508 +#: sssd-krb5.5.xml:542 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12132,12 +12451,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12147,7 +12466,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12155,7 +12474,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12175,7 +12494,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12184,7 +12503,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -13367,10 +13686,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-u</option>,<option>--unlock</option>" msgid "<option>-k</option>,<option>--pubkey</option>" -msgstr "<option>-u</option>,<option>--unlock</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 @@ -16136,10 +16453,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "Configuration" msgid "NSS configuration" -msgstr "Configuração" +msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 diff --git a/src/man/po/pt_BR.po b/src/man/po/pt_BR.po index 88dace1d037..f405d1d144d 100644 --- a/src/man/po/pt_BR.po +++ b/src/man/po/pt_BR.po @@ -2,9 +2,9 @@ # Rodrigo de Araujo Sousa Fonseca <rodrigodearaujo@fedoraproject.org>, 2017. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2017-01-29 10:11+0000\n" "Last-Translator: Rodrigo de Araujo Sousa Fonseca " "<rodrigodearaujo@fedoraproject.org>\n" @@ -289,11 +289,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -312,16 +312,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -346,8 +346,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -362,7 +362,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "" @@ -442,7 +442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "" @@ -462,12 +462,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -475,39 +475,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -631,10 +631,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -777,12 +777,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -866,7 +866,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -942,8 +942,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -1003,8 +1003,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1081,7 +1081,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1099,7 +1099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "" @@ -1132,11 +1132,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1145,41 +1145,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1187,23 +1187,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1211,47 +1211,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1259,112 +1259,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1375,96 +1375,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1472,59 +1472,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1533,61 +1533,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1595,7 +1595,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1604,17 +1604,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1622,31 +1622,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1656,75 +1656,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1732,19 +1732,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1752,12 +1752,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1765,77 +1765,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1843,7 +1843,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1855,63 +1855,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1919,23 +1919,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1943,7 +1943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1951,7 +1951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1960,12 +1960,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1976,24 +1976,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2003,22 +2003,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2026,51 +2026,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2079,24 +2079,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2107,7 +2107,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2118,24 +2118,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2143,12 +2143,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2157,24 +2157,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2184,66 +2184,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2251,17 +2251,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2269,7 +2269,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2277,22 +2277,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2301,14 +2301,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2317,38 +2317,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2357,24 +2357,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2383,29 +2383,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2419,14 +2419,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2435,39 +2435,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2476,19 +2476,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2499,151 +2499,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2651,24 +2651,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2677,17 +2677,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2696,34 +2696,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2731,7 +2731,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2739,8 +2739,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2749,8 +2749,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2758,19 +2758,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2779,7 +2779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2787,22 +2787,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2814,7 +2814,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2822,19 +2822,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2842,7 +2842,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2850,35 +2850,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2886,19 +2886,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2907,7 +2907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2915,29 +2915,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2945,7 +2945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2953,35 +2953,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2989,32 +2989,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3025,7 +3025,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3034,12 +3034,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3047,7 +3047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3055,31 +3055,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3087,7 +3087,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3096,17 +3096,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3114,43 +3114,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3158,7 +3158,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3166,7 +3166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3174,24 +3174,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3199,12 +3199,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3214,7 +3214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3223,29 +3223,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3253,7 +3253,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3263,59 +3263,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3324,77 +3324,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3402,7 +3402,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3411,17 +3411,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3429,34 +3429,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3464,32 +3464,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3499,47 +3499,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3547,43 +3555,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3591,29 +3671,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3621,12 +3701,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3635,12 +3715,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3648,19 +3728,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3677,7 +3757,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3685,17 +3765,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3704,7 +3784,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3714,7 +3794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3734,12 +3814,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3747,73 +3827,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3821,17 +3901,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3840,17 +3920,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3858,17 +3938,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3876,17 +3956,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3897,64 +3977,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3967,7 +4052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3975,7 +4060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -3984,55 +4069,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3503 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 +#: sssd.conf.5.xml:3527 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4041,17 +4126,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3542 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4059,26 +4144,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4087,17 +4172,124 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +msgid "password_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4127,7 +4319,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4136,7 +4328,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4144,7 +4336,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4155,7 +4347,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4169,7 +4361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4319,7 +4511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4414,123 +4606,162 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +msgid "Default: exop" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4538,113 +4769,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4653,17 +4884,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4672,17 +4903,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4691,17 +4922,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4710,17 +4941,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4729,17 +4960,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4748,17 +4979,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4766,155 +4997,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4924,7 +5155,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4932,51 +5163,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4985,24 +5216,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5010,7 +5241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5019,43 +5250,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5063,14 +5294,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5078,17 +5309,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5096,14 +5327,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5111,17 +5342,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5129,14 +5360,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5144,37 +5375,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5184,106 +5415,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5291,34 +5522,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5326,7 +5557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5336,7 +5567,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5346,177 +5577,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5524,95 +5755,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5620,7 +5851,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5628,12 +5859,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5641,12 +5872,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5657,12 +5888,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5671,12 +5902,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5685,34 +5916,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5720,14 +5951,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5735,17 +5966,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5755,12 +5986,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5768,17 +5999,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5786,13 +6017,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5801,7 +6037,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5809,26 +6045,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5836,7 +6072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5844,7 +6080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5852,41 +6088,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5895,32 +6131,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5928,24 +6164,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5953,17 +6189,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5974,29 +6210,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6009,29 +6256,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6039,77 +6286,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6121,7 +6369,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6129,7 +6377,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6137,39 +6385,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6179,7 +6427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6187,26 +6435,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6214,7 +6462,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6222,31 +6470,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6255,56 +6503,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6320,12 +6568,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6334,14 +6582,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6350,24 +6598,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6375,19 +6623,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6396,7 +6644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6404,7 +6652,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6413,7 +6661,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6421,22 +6669,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6446,14 +6694,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6466,12 +6714,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6481,7 +6729,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6491,63 +6739,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6556,74 +6804,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6634,7 +6882,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6642,24 +6890,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6674,12 +6922,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6687,317 +6935,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7006,111 +7264,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7119,32 +7377,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7153,22 +7411,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7177,14 +7435,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7192,7 +7450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7205,27 +7463,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7241,13 +7499,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7460,7 +7718,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7507,13 +7765,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7521,7 +7788,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7533,7 +7800,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7583,34 +7850,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7618,7 +7895,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7631,7 +7908,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7639,20 +7916,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8749,7 +9035,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8764,7 +9050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8779,12 +9065,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8805,12 +9091,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8834,17 +9120,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8852,7 +9138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8879,7 +9165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8892,12 +9178,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8916,60 +9202,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9083,26 +9369,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9121,7 +9407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -9997,12 +10283,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10010,12 +10311,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10023,14 +10324,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10038,7 +10339,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10050,42 +10351,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10093,7 +10394,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10101,7 +10402,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10109,7 +10410,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10121,22 +10422,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10144,7 +10445,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10152,7 +10453,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10160,7 +10461,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10172,22 +10473,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10195,14 +10496,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10210,7 +10511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10222,23 +10523,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10246,14 +10547,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10261,7 +10562,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10272,19 +10573,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10292,7 +10593,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10304,29 +10605,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10334,12 +10635,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10352,57 +10653,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10410,17 +10711,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10430,12 +10731,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10446,19 +10747,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10468,12 +10769,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10481,7 +10782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10496,7 +10797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10505,7 +10806,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10513,7 +10814,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10523,7 +10824,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12007,23 +12308,59 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +msgid "Default: 3:1" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12031,12 +12368,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12046,7 +12383,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12054,7 +12391,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12074,7 +12411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12083,7 +12420,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" diff --git a/src/man/po/ru.po b/src/man/po/ru.po index 02e810be64a..5dc2e222d2b 100644 --- a/src/man/po/ru.po +++ b/src/man/po/ru.po @@ -6,9 +6,9 @@ # Artyom Kunyov <artkun@guitarplayer.ru>, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2014-12-15 12:07+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/" @@ -294,11 +294,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -317,16 +317,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "По умолчанию: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -351,8 +351,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "По умолчанию: 10" @@ -367,7 +367,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "" @@ -447,7 +447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "" @@ -467,12 +467,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -480,39 +480,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -636,10 +636,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -782,12 +782,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -871,7 +871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -947,8 +947,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -1008,8 +1008,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1086,7 +1086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1104,7 +1104,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "По умолчанию: 15" @@ -1137,11 +1137,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1150,41 +1150,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "По умолчанию: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1192,23 +1192,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1216,47 +1216,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1264,112 +1264,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1380,96 +1380,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "По умолчанию: 0 (неограничено)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1477,59 +1477,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "По умолчанию: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "В настоящее время sssd поддерживает следующие значения:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "По умолчанию: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1538,61 +1538,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1600,7 +1600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1609,17 +1609,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1627,31 +1627,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1661,75 +1661,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1737,19 +1737,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1757,12 +1757,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1770,77 +1770,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1848,7 +1848,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1860,63 +1860,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1924,23 +1924,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1948,7 +1948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1956,7 +1956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1965,12 +1965,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1981,24 +1981,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2008,22 +2008,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2031,51 +2031,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2084,24 +2084,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2112,7 +2112,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2123,24 +2123,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2148,12 +2148,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2162,24 +2162,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2189,66 +2189,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2256,17 +2256,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2274,7 +2274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2282,22 +2282,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2306,14 +2306,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2322,38 +2322,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2362,24 +2362,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2388,29 +2388,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "По умолчанию: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2424,14 +2424,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2440,39 +2440,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2481,19 +2481,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2504,151 +2504,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2656,24 +2656,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2682,17 +2682,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2701,34 +2701,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2736,7 +2736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2744,8 +2744,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2754,8 +2754,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2763,19 +2763,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2784,7 +2784,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2792,22 +2792,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2819,7 +2819,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2827,19 +2827,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2847,7 +2847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2855,35 +2855,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2891,19 +2891,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2912,7 +2912,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2920,29 +2920,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2950,7 +2950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2958,35 +2958,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2994,32 +2994,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3030,7 +3030,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3039,12 +3039,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3052,7 +3052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3060,31 +3060,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3092,7 +3092,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3101,17 +3101,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3119,43 +3119,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3163,7 +3163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3171,7 +3171,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3179,24 +3179,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3204,12 +3204,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3219,7 +3219,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3228,29 +3228,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3258,7 +3258,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3268,59 +3268,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "По умолчанию: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "Поддерживаемые значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3329,77 +3329,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "По умолчанию: использовать доменное имя из hostname" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3407,7 +3407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3416,17 +3416,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3434,34 +3434,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3469,32 +3469,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3504,47 +3504,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3552,43 +3560,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3596,29 +3676,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3626,12 +3706,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3640,12 +3720,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3653,19 +3733,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3682,7 +3762,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3690,17 +3770,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3709,7 +3789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3719,7 +3799,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3739,12 +3819,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3752,73 +3832,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "По умолчанию: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "По умолчанию: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3826,17 +3906,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "По умолчанию: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3845,17 +3925,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "По умолчанию: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3863,17 +3943,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "По умолчанию: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3881,17 +3961,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3902,64 +3982,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3972,7 +4057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3980,7 +4065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -3989,57 +4074,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3503 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "domains" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "домены" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4048,19 +4131,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "reconnection_retries (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "попыток_соединения (целое число)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4068,28 +4149,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: homeDirectory" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "По умолчанию: homeDirectory" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4098,17 +4177,128 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "ПАРАМЕТРЫ КОНФИГУРАЦИИ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "пароль" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4138,7 +4328,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4147,7 +4337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4155,7 +4345,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4166,7 +4356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4180,7 +4370,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4330,7 +4520,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4425,123 +4615,164 @@ msgstr "По умолчанию: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "По умолчанию: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "пароль" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "По умолчанию: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4549,113 +4780,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "По умолчанию: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "По умолчанию: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "По умолчанию: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "По умолчанию: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4664,17 +4895,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4683,17 +4914,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4702,17 +4933,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4721,17 +4952,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "По умолчанию: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4740,17 +4971,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "По умолчанию: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4759,17 +4990,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "По умолчанию: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4777,155 +5008,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4935,7 +5166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4943,51 +5174,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4996,24 +5227,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5021,7 +5252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5030,43 +5261,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5074,14 +5305,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5089,17 +5320,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5107,14 +5338,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5122,17 +5353,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5140,14 +5371,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5155,37 +5386,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5195,106 +5426,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5302,34 +5533,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5337,7 +5568,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5347,7 +5578,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5357,177 +5588,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5535,95 +5766,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5631,7 +5862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5639,12 +5870,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5652,12 +5883,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5668,12 +5899,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5682,12 +5913,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5696,34 +5927,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5731,14 +5962,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5746,17 +5977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5766,12 +5997,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5779,17 +6010,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5797,13 +6028,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5812,7 +6048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5820,26 +6056,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5847,7 +6083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5855,7 +6091,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5863,41 +6099,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5906,32 +6142,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5939,24 +6175,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5964,17 +6200,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5985,29 +6221,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6020,29 +6267,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6050,77 +6297,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6132,7 +6380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6140,7 +6388,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6148,39 +6396,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6190,7 +6438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6198,26 +6446,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6225,7 +6473,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6233,31 +6481,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6266,56 +6514,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6331,12 +6579,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6345,14 +6593,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6361,24 +6609,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6386,19 +6634,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6407,7 +6655,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6415,7 +6663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6424,7 +6672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6432,22 +6680,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6457,14 +6705,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6477,12 +6725,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6492,7 +6740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6502,63 +6750,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6567,74 +6815,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6645,7 +6893,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6653,24 +6901,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6685,12 +6933,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6698,317 +6946,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7017,111 +7275,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7130,32 +7388,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7164,22 +7422,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7188,14 +7446,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "ПРИМЕР" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7203,7 +7461,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7216,27 +7474,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7252,13 +7510,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7471,7 +7729,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7518,13 +7776,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7532,7 +7799,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7544,7 +7811,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7594,34 +7861,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7629,7 +7906,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7642,7 +7919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7650,20 +7927,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8760,7 +9046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8775,7 +9061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8790,12 +9076,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8816,12 +9102,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8845,17 +9131,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8863,7 +9149,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8890,7 +9176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8903,12 +9189,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8927,60 +9213,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9094,26 +9380,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9132,7 +9418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -10008,12 +10294,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10021,12 +10322,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10034,14 +10335,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10049,7 +10350,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10061,42 +10362,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10104,7 +10405,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10112,7 +10413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10120,7 +10421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10132,22 +10433,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10155,7 +10456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10163,7 +10464,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10171,7 +10472,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10183,22 +10484,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10206,14 +10507,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10221,7 +10522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10233,23 +10534,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10257,14 +10558,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10272,7 +10573,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10283,19 +10584,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10303,7 +10604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10315,29 +10616,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10345,12 +10646,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10363,57 +10664,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10421,17 +10722,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10441,12 +10742,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10457,19 +10758,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10479,12 +10780,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10492,7 +10793,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10507,7 +10808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10516,7 +10817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10524,7 +10825,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10534,7 +10835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12018,23 +12319,61 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "По умолчанию: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12042,12 +12381,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12057,7 +12396,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12065,7 +12404,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12085,7 +12424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12094,7 +12433,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index 428d0405a71..cdcadbb5823 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.0.99\n" +"Project-Id-Version: sssd-docs 2.1.1\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:37+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -254,7 +254,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -271,12 +271,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 +#: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -299,7 +299,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -314,7 +314,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "" @@ -395,7 +395,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "" @@ -415,12 +415,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " @@ -429,39 +429,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -585,7 +585,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -725,12 +725,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -814,7 +814,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -889,7 +889,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -949,7 +949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1027,7 +1027,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1045,7 +1045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "" @@ -1078,11 +1078,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1091,39 +1091,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1131,22 +1131,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1154,46 +1154,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in " "<quote>/etc/shells</quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in " "<quote>/etc/shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1201,56 +1201,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the " "machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during " "lookup. This option can be specified globally in the [nss] section or " @@ -1258,57 +1258,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1320,96 +1320,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1417,59 +1417,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during " "authentication. The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1478,61 +1478,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1540,7 +1540,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a " @@ -1550,17 +1550,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1568,7 +1568,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be " @@ -1576,24 +1576,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting " "<emphasis>pwd_expiration_warning</emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1603,72 +1603,72 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1676,19 +1676,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1696,12 +1696,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1709,75 +1709,75 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1785,7 +1785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1797,62 +1797,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1860,23 +1860,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1884,7 +1884,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1892,7 +1892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1901,12 +1901,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> " @@ -1918,24 +1918,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1946,22 +1946,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1969,51 +1969,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2023,24 +2023,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2051,7 +2051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2062,24 +2062,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2087,12 +2087,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2101,24 +2101,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> " @@ -2129,66 +2129,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording " "enabled. Matches user names as returned by NSS. I.e. after the possible " @@ -2196,17 +2196,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2214,7 +2214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2222,22 +2222,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2246,14 +2246,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2262,38 +2262,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -2302,24 +2302,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2328,29 +2328,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2364,14 +2364,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2380,39 +2380,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2421,19 +2421,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2444,150 +2444,150 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the " "cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2595,24 +2595,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2621,17 +2621,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2640,34 +2640,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> " "<refentrytitle>sssd-files</refentrytitle> <manvolnum>5</manvolnum> " @@ -2676,7 +2676,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2684,7 +2684,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2693,7 +2693,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -2701,19 +2701,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2722,7 +2722,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2730,22 +2730,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2757,7 +2757,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2765,19 +2765,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2785,7 +2785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -2793,34 +2793,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2828,19 +2828,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -2849,7 +2849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> " @@ -2858,29 +2858,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -2889,7 +2889,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -2897,34 +2897,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2932,31 +2932,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2967,7 +2967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2976,12 +2976,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2989,7 +2989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2998,31 +2998,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3031,7 +3031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3040,17 +3040,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3058,41 +3058,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3100,7 +3100,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " @@ -3108,7 +3108,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -3116,24 +3116,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3142,12 +3142,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3157,7 +3157,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: " "<quote>(((?P<domain>[^\\\\]+)\\\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\\\]+)$))</quote> " @@ -3165,29 +3165,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3195,7 +3195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3205,59 +3205,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is " @@ -3266,76 +3266,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3343,7 +3343,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase " "condition=\"enable_local_provider\"> At the moment, this option is not " @@ -3352,17 +3352,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3370,34 +3370,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3405,32 +3405,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3440,45 +3440,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3486,43 +3494,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder " +"type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -3531,29 +3611,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3561,12 +3641,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3575,12 +3655,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3588,19 +3668,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> " @@ -3618,7 +3698,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3626,17 +3706,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3645,7 +3725,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3655,7 +3735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3675,12 +3755,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3688,73 +3768,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3762,17 +3842,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3781,17 +3861,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3799,17 +3879,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3817,17 +3897,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called " @@ -3838,64 +3918,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3909,7 +3994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3917,7 +4002,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like " @@ -3926,55 +4011,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3503 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 +#: sssd.conf.5.xml:3527 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -3983,17 +4068,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3542 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4001,26 +4086,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like " @@ -4029,17 +4114,125 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file " +"(<filename>/var/lib/sss/pubconf/pam_preauth_available</filename>) exists " +"SSSD's PAM module pam_sss will ask SSSD to figure out which authentication " +"methods are available for the user trying to log in. Based on the results " +"pam_sss will prompt the user for appropriate credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +msgid "password_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder " +"type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder " +"type=\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" " +"id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like " +"e.g. <quote>[prompting/password/sshd]</quote> to individual change the " +"prompting for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4069,7 +4262,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4078,7 +4271,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4086,7 +4279,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4097,7 +4290,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4112,7 +4305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4261,7 +4454,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 sss_override.8.xml:137 sss_override.8.xml:234 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4355,123 +4548,162 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +msgid "Default: exop" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the " @@ -4479,113 +4711,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4594,17 +4826,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4613,17 +4845,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4632,17 +4864,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4651,17 +4883,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4670,17 +4902,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4690,17 +4922,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4708,155 +4940,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4867,7 +5099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4875,51 +5107,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>phone</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4928,24 +5160,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4953,7 +5185,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4962,42 +5194,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5005,14 +5237,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>authorized_service</quote> in order " @@ -5020,17 +5252,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5038,14 +5270,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>host</quote> in order for the " @@ -5053,17 +5285,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5071,14 +5303,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>rhost</quote> in order for the " @@ -5086,37 +5318,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5126,106 +5358,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5233,34 +5465,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups " "(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD " @@ -5268,7 +5500,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5278,7 +5510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5288,270 +5520,270 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5559,7 +5791,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5567,12 +5799,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5580,12 +5812,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " @@ -5596,12 +5828,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5610,12 +5842,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5624,34 +5856,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single " "request. Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5659,7 +5891,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use " @@ -5667,7 +5899,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5675,17 +5907,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5695,12 +5927,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5708,17 +5940,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5726,12 +5958,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 -msgid "You can turn off dereference lookups completely by setting the value to 0." +#: sssd-ldap.5.xml:1545 +msgid "" +"You can turn off dereference lookups completely by setting the value to " +"0. Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5740,7 +5978,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5748,26 +5986,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5775,7 +6013,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5783,7 +6021,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5791,41 +6029,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in " "<filename>/etc/openldap/ldap.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5834,32 +6072,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5867,24 +6105,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5892,17 +6130,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5913,29 +6151,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -5948,29 +6197,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example " +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " "host/myhost@EXAMPLE.COM) or just the principal name (for example " -"host/myhost). By default, the value is not set and the following principals " +"host/myhost). By default, the value is not set and the following principals " "are used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them " "are found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5978,77 +6227,79 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is " +"used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of " @@ -6060,7 +6311,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6068,7 +6319,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of " "SSSD. While the legacy name is recognized for the time being, users are " @@ -6077,39 +6328,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6119,7 +6370,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> " "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> " @@ -6128,26 +6379,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -6156,7 +6407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6164,31 +6415,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6197,56 +6448,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6263,12 +6514,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6277,14 +6528,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6293,24 +6544,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6318,19 +6569,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6339,7 +6590,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " "<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " @@ -6347,7 +6598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6356,7 +6607,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>expire</quote> in order for the " @@ -6364,22 +6615,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6389,7 +6640,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the " "<quote>ppolicy</quote> option and might be removed in a future release. " @@ -6397,7 +6648,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6410,12 +6661,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6425,7 +6676,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6435,38 +6686,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control " @@ -6474,24 +6725,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6500,74 +6751,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6578,7 +6829,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6586,24 +6837,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6618,12 +6869,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6631,316 +6882,326 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval " "</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is " "<emphasis>false</emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6949,112 +7210,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise " "automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder " "type=\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" " @@ -7064,32 +7325,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7098,22 +7359,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7122,12 +7383,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 sssd-files.5.xml:130 sssd-session-recording.5.xml:144 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7135,7 +7396,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7148,24 +7409,24 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7181,12 +7442,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7401,7 +7662,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7448,13 +7709,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be " @@ -7463,7 +7733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file " "<filename>pam_sss_pw_reset_message.LOC</filename> where LOC stands for a " @@ -7476,7 +7746,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory " "<filename>/etc/sssd/customize/DOMAIN_NAME/</filename>. If no matching file " @@ -7526,34 +7796,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7561,7 +7841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7574,7 +7854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7582,20 +7862,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8692,7 +8981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8707,7 +8996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8722,12 +9011,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8748,12 +9037,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8777,17 +9066,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8795,7 +9084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8823,7 +9112,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8836,12 +9125,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8860,60 +9149,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9027,26 +9316,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9064,7 +9353,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -9940,12 +10229,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9953,12 +10257,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9966,14 +10270,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9981,7 +10285,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9993,42 +10297,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10036,7 +10340,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10044,7 +10348,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10052,7 +10356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10064,22 +10368,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10087,7 +10391,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10095,7 +10399,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10103,7 +10407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10115,22 +10419,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10138,14 +10442,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10153,7 +10457,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10165,22 +10469,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10188,14 +10492,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10203,7 +10507,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using " "<quote>+service_name</quote>. Since the default set is empty, it is not " @@ -10214,19 +10518,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10234,7 +10538,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10246,29 +10550,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10276,12 +10580,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10294,57 +10598,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10352,17 +10656,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal " "task. The option expects 2 integers separated by a colon (':'). The first " @@ -10372,12 +10676,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10388,19 +10692,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10410,12 +10714,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -10423,7 +10727,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10438,7 +10742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10447,7 +10751,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10455,7 +10759,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10465,7 +10769,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11953,24 +12257,61 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>. This might be helpful when there " +"are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a " +"colon. The first number represents number of primary servers used and the " +"second number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>. but no backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +msgid "Default: 3:1" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise " "principal. See section 5 of RFC 6806 for more details about enterprise " "principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -11978,12 +12319,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -11993,7 +12334,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12001,7 +12342,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12022,7 +12363,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12031,7 +12372,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" diff --git a/src/man/po/sv.po b/src/man/po/sv.po index 4138d5fa646..1fe6d969bf2 100644 --- a/src/man/po/sv.po +++ b/src/man/po/sv.po @@ -1,9 +1,9 @@ # Göran Uddeborg <goeran@uddeborg.se>, 2018. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2018-07-31 12:14+0000\n" "Last-Translator: Göran Uddeborg <goeran@uddeborg.se>\n" "Language-Team: Swedish\n" @@ -341,11 +341,11 @@ msgstr "" "aktiverat för SSSD-felsökningsloggning igoreras denna flagga." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Standard: true" @@ -366,16 +366,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Standard: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -403,8 +403,8 @@ msgstr "" "att efter tre missade hjärtslag kommer processen avsluta sig själv." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Standard: 10" @@ -419,7 +419,7 @@ msgid "The [sssd] section" msgstr "Sektionen [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "Sektionsparametrar" @@ -520,7 +520,7 @@ msgstr "" "understrykningstecken." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (sträng)" @@ -545,12 +545,12 @@ msgstr "" "för mer information om dessa reguljära uttryck." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -561,32 +561,32 @@ msgstr "" "samman ett fullständigt kvalificerat namn från namn- och domänkomponenter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "domännamn som det anges i SSSD-konfigurationsfilen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -595,7 +595,7 @@ msgstr "" "både direkt konfigurerade eller hittade via IPA-förtroenden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -761,10 +761,10 @@ msgstr "" "till False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -862,16 +862,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:482 -#, fuzzy -#| msgid "" -#| "This option must be used together with " -#| "ocsp_default_responder_signing_cert." msgid "" "(NSS Version) This option must be used together with " "ocsp_default_responder_signing_cert." msgstr "" -"Detta alternativ måste användas tillsammans med " -"ocsp_default_responder_signing_cert." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:490 @@ -880,19 +874,11 @@ msgstr "ocsp_default_responder_signing_cert=NAMN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:492 -#, fuzzy -#| msgid "" -#| "The nickname of the cert to trust (expected) to sign the OCSP responses. " -#| "The certificate with the given nickname must be available in the systems " -#| "NSS database." msgid "" "(NSS Version) The nickname of the cert to trust (expected) to sign the OCSP " "responses. The certificate with the given nickname must be available in the " "systems NSS database." msgstr "" -"Smeknamnet på certifikatet att lita på att (förväntas) signera OCSP-svaren. " -"Certifikatet med det angivna smeknamnet måste vara tillgänglig i systemets " -"NSS-databas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:497 @@ -913,41 +899,21 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:509 -#, fuzzy -#| msgid "" -#| "<quote>ipa</quote> to load maps stored in an IPA server. See " -#| "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring IPA." msgid "" "(NSS Version) This option is ignored, please see <citerefentry> " "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> how to import a Certificate Revocation List (CRL) into a NSS " "database." msgstr "" -"<quote>ipa</quote> för att läsa mappar lagrade i en IPA-server. Se " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:518 -#, fuzzy -#| msgid "" -#| "If set to true the <command>sss_ssh_authorizedkeys</command> will return " -#| "ssh keys derived from the public key of X.509 certificates stored in the " -#| "user entry as well. See <citerefentry> " -#| "<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>1</" -#| "manvolnum> </citerefentry> for details." msgid "" "(OpenSSL Version) Use the Certificate Revocation List (CRL) from the given " "file during the verification of the certificate. The CRL must be given in " "PEM format, see <citerefentry> <refentrytitle>crl</refentrytitle> " "<manvolnum>1ssl</manvolnum> </citerefentry> for details." msgstr "" -"Om satt till true true kommer <command>sss_ssh_authorizedkeys</command> " -"returnera ssh-nycklar härledda från den publika nyckeln i X.509-certifikat " -"även lagrade in användarposten. Se <citerefentry> " -"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>1</" -"manvolnum> </citerefentry> för detaljer." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 @@ -961,12 +927,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "Denna manualsida genererades för NSS-versionen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "Denna manualsida genererades för OpenSSL-versionen." @@ -1075,7 +1041,7 @@ msgstr "" "användarnamn kan överlappa mellan domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Standard: inte satt" @@ -1171,8 +1137,8 @@ msgstr "" "konfigureras kommer det att justeras till 10 sekunder." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "Standard: 60" @@ -1247,8 +1213,8 @@ msgstr "" "antingen uttags- eller D-Bus-aktiverade." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Standard: 300" @@ -1343,7 +1309,7 @@ msgstr "" "(0 avaktiverar denna funktion)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "Standard: 50" @@ -1364,7 +1330,7 @@ msgstr "" "bakänden tillfrågas igen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "Standard: 15" @@ -1396,11 +1362,17 @@ msgstr "filter_users, filter_groups (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:848 +#, fuzzy +#| msgid "" +#| "Exclude certain users or groups from being fetched from the sss NSS " +#| "database. This is particularly useful for system accounts. This option " +#| "can also be set per-domain or include fully-qualified names to filter " +#| "only users from the particular domain." msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" "Uteslut vissa användare eller grupper från att hämtas från sss NSS-" "databasen. Detta är särskilt användbart för systemkonton. Detta alternativ " @@ -1408,7 +1380,7 @@ msgstr "" "för att filtrera endast användare från den angivna domänen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1421,17 +1393,17 @@ msgstr "" "kommer fortfarande ha medlemsanvändarna i den senare listade." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "Standard: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1439,12 +1411,12 @@ msgstr "" "sätt då detta alternativ till false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "fallback_homedir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1453,7 +1425,7 @@ msgstr "" "anges av domänens dataleverantör." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1461,7 +1433,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1471,23 +1443,23 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exempel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "Standard: inte satt (ingen ersättning för ej angivna hemkataloger)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "override_shell (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1498,30 +1470,30 @@ msgstr "" "sektionen [nss] eller per domän." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Standard: inte angivet (SSSD kommer använda värdet som hämtats från LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "allowed_shells (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" "Begränsa användarskal till en av de listade värdena. Beräkningsordningen är:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Om skalet finns i <quote>/etc/shells</quote> används det." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1530,7 +1502,7 @@ msgstr "" "quote>, använd värdet på parametern shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1539,12 +1511,12 @@ msgstr "" "shells</quote> används ett nologin-skal." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "Jokertecknet (*) kan användas för att tillåta godtyckligt skal." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1555,12 +1527,12 @@ msgstr "" "alla skal i allowed_shells skulle vara för mycket overhead." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "En tom sträng som skal skickas som den är till libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1569,27 +1541,27 @@ msgstr "" "att en omstart av SSSD behövs ifall ett nytt skal installeras." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "Standard: inte satt. Användarens skal används automatiskt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "vetoed_shells (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Ersätt alla instanser av dessa skal med shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "shell_fallback (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1597,17 +1569,17 @@ msgstr "" "maskinen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "Standard: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1617,7 +1589,7 @@ msgstr "" "per domän." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1626,12 +1598,12 @@ msgstr "" "libc ersätter med något rimligt när nödvändigt, vanligen /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1640,12 +1612,12 @@ msgstr "" "som giltiga." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "memcache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." @@ -1655,7 +1627,7 @@ msgstr "" "minnet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." @@ -1664,7 +1636,7 @@ msgstr "" "påverkan på SSSDs prestanda och skall bara användas för testning." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." @@ -1673,12 +1645,12 @@ msgstr "" "klientprogram inte använda den snabba cachen i minnet." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1695,7 +1667,7 @@ msgstr "" "citerefentry> för detaljer) men utan standardvärden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." @@ -1704,17 +1676,17 @@ msgstr "" "InfoPipe-altenativet om det inte är satt för NSS-respondenten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "Standard: inte satt, gåtillbaka till InfoPipe-alternativet" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "pwfield (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." @@ -1723,12 +1695,12 @@ msgstr "" "returnera i fältet <quote>password</quote>." #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Detta alternativ kan även sättas per domän." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" @@ -1737,12 +1709,12 @@ msgstr "" "(fildomänerna)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "PAM-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1751,12 +1723,12 @@ msgstr "" "Authentication Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1766,17 +1738,17 @@ msgstr "" "inloggningen)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "Standard: 0 (ingen gräns)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1785,12 +1757,12 @@ msgstr "" "inloggningsförsök är tillåtna." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1799,7 +1771,7 @@ msgstr "" "har nåtts före ett nytt inloggningsförsök är möjligt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1810,17 +1782,17 @@ msgstr "" "autentisering kan aktivera autentisering utan uppkoppling igen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "Standard: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1829,43 +1801,43 @@ msgstr "" "Ju högre tal desto fler meddelanden visas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "För närvarande stödjs följande värden:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: visa inte några meddelanden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: visa endast viktiga meddelanden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: visa informationsmeddelanden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: visa alla meddelanden och felsökningsinformation" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "Standard: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "pam_response_filter (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1878,7 +1850,7 @@ msgstr "" "användaren eller miljövariabler som skall sättas av pam_sss." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." @@ -1887,37 +1859,37 @@ msgstr "" "gör detta alternativ att man kan filtrera ut andra sorters svar dessutom." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "Skicka inte några miljövariabler till någon tjänst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "ENV:varnamn" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "Skicka inte miljövariableln varnamn till någon tjänst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "ENV:varnamn:tjänst" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "Skicka inte miljövariabeln varnamn till tjänst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -1926,17 +1898,17 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "Example: ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1947,7 +1919,7 @@ msgstr "" "till att autentisering sker med den senaste informationen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1961,17 +1933,17 @@ msgstr "" "identitetsleverantören." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "Visa en varning N dagar före lösenordet går ut." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1981,7 +1953,7 @@ msgstr "" "lösenordet. Om denna information saknas kan sssd inte visa någon varning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1990,7 +1962,7 @@ msgstr "" "mottogs från bakändeserver kommer den automatiskt visas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1999,17 +1971,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> för en viss domän." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "Standard: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2024,12 +1996,12 @@ msgstr "" "UID vid uppstart." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "Standard: alla användare betraktas som betrodda som standard" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." @@ -2038,12 +2010,12 @@ msgstr "" "inte är i listan pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "pam_public_domains (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." @@ -2052,20 +2024,20 @@ msgstr "" "betrodda användare." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" "Två speciella värden för alternativet pam_public_domains är definierade:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" "all (Ej betrodda användare tillåts komma åt alla domäner i PAM-respondenten.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -2074,19 +2046,19 @@ msgstr "" "respondenten.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "Standard: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." @@ -2095,7 +2067,7 @@ msgstr "" "standardmeddelandet ”åtkomst nekas”." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." @@ -2105,7 +2077,7 @@ msgstr "" "felsökningsinformation)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2115,12 +2087,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "pam_account_locked_message (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." @@ -2129,7 +2101,7 @@ msgstr "" "standardmeddelandet ”åtkomst nekas”." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2137,12 +2109,12 @@ msgid "" msgstr "pam_account_locked_message = Kontot är låst, kontakta kundtjänsten. " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "pam_cert_auth (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2153,19 +2125,19 @@ msgstr "" "autentiseringsprocessen är detta alternativ avaktiverat som standard." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Default: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "pam_cert_db_path (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." @@ -2174,17 +2146,17 @@ msgstr "" "komma åt smartkortet." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "Standard:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "/etc/pki/nssdb (NSS-version, sökväg till en NSS-databas)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" @@ -2193,22 +2165,22 @@ msgstr "" "betrodda CA-certifikat i PEM-format)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "Hur många sekunder pam_sss kommer vänta på p11_child att avsluta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "pam_app_services (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2217,34 +2189,27 @@ msgstr "" "<quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 -#, fuzzy -#| msgid "pam_app_services (string)" +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" -msgstr "pam_app_services (sträng)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 -#, fuzzy, no-wrap -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " +#: sssd.conf.5.xml:1448 +#, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" " " msgstr "" -"fallback_homedir = /home/%u\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2256,65 +2221,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "p11_child_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "p11_child_timeout (heltal)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2322,25 +2285,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "user (sträng)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -2348,7 +2309,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2356,7 +2317,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2365,12 +2326,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "SUDO-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2388,12 +2349,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "sudo_timed (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2402,12 +2363,12 @@ msgstr "" "tidsberoende sudoers-poster skall evalueras eller inte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2422,22 +2383,22 @@ msgstr "" "gränsvärde gäller även IPA-sudo-kommandon och kommandugruppsökningar." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "AUTOFS-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "Dessa alternativ kan användas för att konfigurera tjänsten autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2448,22 +2409,22 @@ msgstr "" "finns) innan bakänden tillfrågas igen." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "SSH-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "Dessa alternativ kan användas för att konfigurera tjänsten SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2472,12 +2433,12 @@ msgstr "" "till kontrollsummor eller inte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2486,17 +2447,17 @@ msgstr "" "att dess värdnycklar begärdes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "Standard: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "ssh_use_certificate_keys (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2510,12 +2471,12 @@ msgstr "" "manvolnum> </citerefentry> för detaljer." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "ca_db (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -2524,12 +2485,12 @@ msgstr "" "validera användarcertifikat före publika ssh-nycklar härleds från dem." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "PAC-respondentskonfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2547,7 +2508,7 @@ msgstr "" "beräknad kommer några av följande operationer att göras:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2563,7 +2524,7 @@ msgstr "" "kan skrivas över med parametern default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2572,17 +2533,17 @@ msgstr "" "användaren läggas till i dessa grupper." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "Dessa alternativ kan användas för att konfigurera PAC-respondenten." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2593,12 +2554,12 @@ msgstr "" "uppstart." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "Standard: 0 (endast root-användaren tillåts komma åt PAC-respondenten)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2611,12 +2572,12 @@ msgstr "" "0 i listan av tillåtna UID:er." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -2625,12 +2586,12 @@ msgstr "" "datan användas för att avgöra gruppmedlemskap för en användare." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "Konfigurationsalternatvi för inspelning av sessioner" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2646,33 +2607,33 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" "Dessa alternativ kan användas för att konfigurera inspelning av sessioner." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "”none”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "Inga användare spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "”some”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -2681,17 +2642,17 @@ msgstr "" "och <replaceable>groups</replaceable> spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "”all”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Alla användare spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -2700,17 +2661,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "Standard: ”none”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2721,17 +2682,17 @@ msgstr "" "efter eventuellt utbyte av mellanslag, ändring av skiftläge, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "Default: Tomt. Matchar inte några användare." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2742,7 +2703,7 @@ msgstr "" "efter eventuellt utbyte av mellanslag, ändring av skiftläge, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2753,22 +2714,22 @@ msgstr "" "användare måste hämtas och matchas mot grupperna användaren är en medlem i." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "Standard: Tom. Matchar inga grupper." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "DOMÄNSEKTIONER" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "domain_type (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2781,7 +2742,7 @@ msgstr "" "operativsystemets gränssnitt och verktyg." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -2790,7 +2751,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2803,7 +2764,7 @@ msgstr "" "respondenten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -2812,7 +2773,7 @@ msgstr "" "<quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -2821,17 +2782,17 @@ msgstr "" "<quote>Programdomäner</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "Standard: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2840,7 +2801,7 @@ msgstr "" "utanför dessa gränser ignoreras den." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2853,7 +2814,7 @@ msgstr "" "ligger i intervallet rapporteras som förväntat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2862,17 +2823,17 @@ msgstr "" "när de returneras via namn eller ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Standard: 1 för min_id, 0 (ingen gräns) för max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2885,22 +2846,22 @@ msgstr "" "Denna parameter kan ha ett av följande värden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Användare och grupper räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Inga uppräkningar för denna domän" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "Standard: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -2909,7 +2870,7 @@ msgstr "" "grupposter från fjärrservern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2932,7 +2893,7 @@ msgstr "" "med startas om av den interna vakthunden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2941,7 +2902,7 @@ msgstr "" "användar- eller grupplistan returnera utan resultat tills den är färdig." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2954,7 +2915,7 @@ msgstr "" "information, se manualsidorna för den specifika id-leverantören som används." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2963,32 +2924,32 @@ msgstr "" "stora miljöer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "Alla upptäckta betrodda domäner kommer räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "Inga upptäckta betrodda domäner kommer räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3001,12 +2962,12 @@ msgstr "" "bara för dessa betrodda domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3015,7 +2976,7 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3032,17 +2993,17 @@ msgstr "" "redan har cachats." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "Standard: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -3051,19 +3012,19 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "Standard: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -3072,12 +3033,12 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -3086,12 +3047,12 @@ msgstr "" "frågar bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -3100,12 +3061,12 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -3114,12 +3075,12 @@ msgstr "" "igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -3128,12 +3089,12 @@ msgstr "" "giltiga före den frågar bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3142,12 +3103,12 @@ msgstr "" "hur länge värdnyckeln skall cachas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3156,7 +3117,7 @@ msgstr "" "i bakgrunden som kommer uppdatera alla utgångna eller nästan utgångna poster." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" @@ -3164,37 +3125,37 @@ msgstr "" "cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "Du kan överväga att sätta detta värde till ¾ · entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Standard: 0 (avaktiverat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "Bestämmer om användarkreditiv också cachas i den lokala LDB-cachen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "Användarkreditiv sparas i en SHA512-kontrollsumma, inte i klartext" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3205,7 +3166,7 @@ msgstr "" "lösenord) måste ha för att sparas som en SHA512-kontrollsumma i cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -3215,17 +3176,17 @@ msgstr "" "attacker." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "Standard: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3238,17 +3199,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "Standard: 0 (obegränsat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3260,17 +3221,17 @@ msgstr "" "Dessutom måste en autentiseringsleverantör ha konfigurerats för bakänden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Standard: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "id_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3278,12 +3239,12 @@ msgstr "" "stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "<quote>proxy</quote>: Stöd en tidigare NSS-leverantör." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" @@ -3291,7 +3252,7 @@ msgstr "" "(FÖRÅLDRAT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3302,7 +3263,7 @@ msgstr "" "information om hur lokala användare och grupper kan speglas in i SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3313,8 +3274,8 @@ msgstr "" "information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3327,8 +3288,8 @@ msgstr "" "konfigurera FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3339,12 +3300,12 @@ msgstr "" "citerefentry> för mer information om att konfigurera Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3353,7 +3314,7 @@ msgstr "" "full_name_format) som användarens inloggningsnamn rapporterat till NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3367,7 +3328,7 @@ msgstr "" "command> skulle det." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3379,22 +3340,22 @@ msgstr "" "namn begärs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "Standard: FALSE (TRUE om default_domain_suffix används)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "Returnera inte gruppmedlemmar för gruppuppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3413,7 +3374,7 @@ msgstr "" "som om den vore tom." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3424,12 +3385,12 @@ msgstr "" "innehåller många medlemmar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "auth_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3438,7 +3399,7 @@ msgstr "" "är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3449,7 +3410,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3460,7 +3421,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3468,17 +3429,17 @@ msgstr "" "PAM-mål." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: SSSD:s interna leverantör för lokala användare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> avaktiverar explicit autentisering." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3487,12 +3448,12 @@ msgstr "" "autentiseringsbegäranden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "access_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3503,7 +3464,7 @@ msgstr "" "Interna specialleverantörer är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3512,12 +3473,12 @@ msgstr "" "åtkomstleverantören för en lokal domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> neka alltid åtkomst." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3530,7 +3491,7 @@ msgstr "" "konfigurera åtkomstmodulen simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3541,24 +3502,24 @@ msgstr "" "citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> för att skicka vidare åtkomstkontroll till någon annam " "PAM-modul." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "Standard: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "chpass_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3567,7 +3528,7 @@ msgstr "" "av lösenordsändring som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3578,7 +3539,7 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3589,7 +3550,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3597,12 +3558,12 @@ msgstr "" "annat PAM-mål." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> tillåter uttryckligen inte lösenordsändringar.." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3611,18 +3572,18 @@ msgstr "" "hantera begäranden om ändring av lösenord." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "sudo_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "SUDO-leverantören som används för domänen. SUDO-leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3633,7 +3594,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3642,7 +3603,7 @@ msgstr "" "standandardsinställningar för IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3651,18 +3612,18 @@ msgstr "" "standandardsinställningar för AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> avaktiverar explicit SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "Standard: värdet på <quote>id_provider</quote> används om det är satt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3679,7 +3640,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3692,12 +3653,12 @@ msgstr "" "relaterad aktivitet i SSSD om du inte vill använda sudo med SSSD alls." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "selinux_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3708,7 +3669,7 @@ msgstr "" "åtkomstleverantören avslutar. Selinux-leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3720,14 +3681,14 @@ msgstr "" "konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> tillåter uttryckligen inte att hämta selinux-" "inställningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3736,12 +3697,12 @@ msgstr "" "begäranden om inläsning av selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "subdomains_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3750,7 +3711,7 @@ msgstr "" "alltid vara samma som id_provider. Underdomänleverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3762,7 +3723,7 @@ msgstr "" "konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3775,17 +3736,17 @@ msgstr "" "konfigurera AD-leverantören." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> tillåter uttryckligen inte att hämta underdomäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "session_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3797,14 +3758,14 @@ msgstr "" "med IPA. Sessionsleverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote> för att utföra uppgifter relaterade till " "användarsessioner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -3812,7 +3773,7 @@ msgstr "" "användarsessioner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -3821,7 +3782,7 @@ msgstr "" "sessionsrelaterade uppgifter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." @@ -3831,12 +3792,12 @@ msgstr "" "användaren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "autofs_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3844,7 +3805,7 @@ msgstr "" "är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3855,7 +3816,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3866,7 +3827,7 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3878,17 +3839,17 @@ msgstr "" "leverantören." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> avaktiverar explicit autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "hostid_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3897,7 +3858,7 @@ msgstr "" "leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3908,12 +3869,12 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> avaktiverar explicit värd-id:n." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3928,7 +3889,7 @@ msgstr "" "(NetBIOS) namnet på domänen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3941,22 +3902,22 @@ msgstr "" "användarnamn:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "användarnamn@domän.namn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "domån\\användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3965,7 +3926,7 @@ msgstr "" "tredje för att tillåta enkel integration av användare från Windows-domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3976,7 +3937,7 @@ msgstr "" "quote>, sedan är domänen allting efter det”" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3986,17 +3947,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "lookup_family_order (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -4005,42 +3966,42 @@ msgstr "" "uppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "Värden som stödjs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Försök slå up IPv4-adresser, om det misslyckas, prova IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Försök endast slå upp värdnamn som IPv4-adresser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Försök slå up IPv6-adresser, om det misslyckas, prova IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Försök endast slå upp värdnamn som IPv6-adresser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "Standard: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4052,7 +4013,7 @@ msgstr "" "nås kommer domänen fortsätta att fungera i frånkopplat läge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -4060,18 +4021,18 @@ msgstr "" "Se avsnittet <quote>RESERVER</quote> för mer information om tjänstevalet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Standard: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4080,52 +4041,52 @@ msgstr "" "fråga om tjänsteupptäckt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "Standard: använd domändelen av maskinens värdnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "override_gid (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "Ersätt det primära GID-värdet med det angivna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "case_sensitive (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "Skiftlägeskänsligt. Detta värde är inte giltigt för AD-leverantörer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "Skiftlägesokänsligt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4136,34 +4097,26 @@ msgstr "" "tjänster även protokollnamn) fortfarande skiftas ner i utdata." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 -#, fuzzy -#| msgid "" -#| "Treat user and group names as case sensitive. At the moment, this option " -#| "is not supported in the local provider. Possible option values are: " -#| "<placeholder type=\"variablelist\" id=\"0\"/>" +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " "the local provider. </phrase> Possible option values are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" -"Behandla användar- och gruppnamn som skiftlägeskänsliga. För tillfället " -"stödjs inte detta alternativ för den lokala leverantören. Möjliga värden på " -"alternativet är: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "Standard: True (False för AD-leverantören)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4174,27 +4127,27 @@ msgstr "" "följande alternativ ärvas:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -4203,7 +4156,7 @@ msgstr "" "ldap_krb5_keytab sätts särskilt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4213,33 +4166,33 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exempel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" "Observera: detta alternativ fungerar endast med leverantörerna IPA och AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "platt (NetBIOS) namn på en underdomän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4254,52 +4207,65 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "Värdet kan åsidosättas av alternativet <emphasis>override_homedir</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Standard: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "realmd_tags (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" "Diverse taggar lagrade av ralmd-konfigurationstjänsten för denna domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 +#, fuzzy +#| msgid "" +#| "Specifies time in seconds since last successful online authentication for " +#| "which user will be authenticated using cached credentials while SSSD is " +#| "in the online mode." msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" "Anger tiden i sekunder sedan senaste lyckade uppkopplade autentisering under " "vilka användaren kommer autentiseras med cachade kreditiv medan SSSD är i " "uppkopplad läge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "Specialvärdet 0 betyder att denna funktion är avaktiverad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4310,55 +4276,134 @@ msgstr "" "<quote>initgroups.</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "auto_private_groups (sträng)" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +#, fuzzy +#| msgid "" +#| "If this option is enabled, SSSD will automatically create user private " +#| "groups based on user's UID number. The GID number is ignored in this case." msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." msgstr "" "Om detta alternativ är aktiverat kommer SSSD automatiskt att skapa privata " "användargrupper baserat på anvindarens UID-nummer. GID-numret ignoreras i " "detta fall." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" +"OBSERVERA: Eftersom GID-numret och användarens privata grupp härleds från " +"UID-numret stödjs det inte att ha flera poster med samma UID- eller GID-" +"nummer med detta alternativ. Med andra ord, att aktivera detta alternativ " +"framtvingar unika nummer över hela ID-rymden." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +#, fuzzy +#| msgid "False" +msgid "false" +msgstr "False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" -"För POSIX-underdomäner ärvs detta värde till underdomäner om det sätts i " -"huvuddomänen." +"Giltiga alternativ för proxy-domäner. <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" -"För ID-mappning av underdomäner är auto_private_groups redan aktiverat för " -"underdomänerna och att sätta det till falskt kommer inte ha någon effekt för " -"underdomänen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" -"OBSERVERA: Eftersom GID-numret och användarens privata grupp härleds från " -"UID-numret stödjs det inte att ha flera poster med samma UID- eller GID-" -"nummer med detta alternativ. Med andra ord, att aktivera detta alternativ " -"framtvingar unika nummer över hela ID-rymden." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4369,17 +4414,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "Proxymålet PAM är en proxy för." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4388,12 +4433,12 @@ msgstr "" "eller skapa en ny och lägga till tjänstenamnet här." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4404,12 +4449,12 @@ msgstr "" "exempel _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4422,12 +4467,12 @@ msgstr "" "få SSSD att utföra ID-uppslagningen från cachen av prestandaskäl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4439,7 +4484,7 @@ msgstr "" "begäranden skulle köas upp." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4448,12 +4493,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "Programdomäner" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4482,7 +4527,7 @@ msgstr "" "traditionell SSSD-domän." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4493,17 +4538,17 @@ msgstr "" "programdomänen och dess POSIX-syskondomän sätts korrekt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "Programdomänparametrar" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "inherit_from (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4516,7 +4561,7 @@ msgstr "" "quote>domänens inställningar." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4531,7 +4576,7 @@ msgstr "" "attributet telefon nåbart via D-Bus-gränssnittet." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -4565,12 +4610,12 @@ msgstr "" "ldap_user_extra_attrs = telefon:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "Den lokala domänsektionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4581,29 +4626,29 @@ msgstr "" "<replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "default_shell (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "Standardskalet för användare som skapas med SSSD:s verktyg för " "användarrymden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "Standard: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "base_directory (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4612,17 +4657,17 @@ msgstr "" "replaceable> och använder det som hemkatalogen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "Standard: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4631,17 +4676,17 @@ msgstr "" "åsidosättas på kommandoraden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "Standard: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4650,12 +4695,12 @@ msgstr "" "användare. Kan åsidosättas på kommandoraden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "homedir_umask (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4666,17 +4711,17 @@ msgstr "" "på en nyskapad hemkatalog." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "Standard: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "skel_dir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4689,17 +4734,17 @@ msgstr "" "citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "Standard: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "mail_dir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4710,17 +4755,17 @@ msgstr "" "ett standardvärde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "Standard: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "userdel_cmd (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4731,17 +4776,17 @@ msgstr "" "Ingen hänsyn tas till returkoden från kommandot." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "Standard: Inget, inget kommando körs" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "SEKTIONEN BETRODDA DOMÄNER" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4758,52 +4803,59 @@ msgstr "" "alternativ i sektionen för betrodda domäner är:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +#, fuzzy +#| msgid "ldap_search_base," +msgid "ldap_sasl_mech," +msgstr "ldap_search_base," + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -4812,14 +4864,12 @@ msgstr "" "manualsidan." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 -#, fuzzy -#| msgid "TRUSTED DOMAIN SECTION" +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" -msgstr "SEKTIONEN BETRODDA DOMÄNER" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4832,23 +4882,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 -#, fuzzy -#| msgid "" -#| "<quote>ipa</quote> to load maps stored in an IPA server. See " -#| "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring IPA." +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for details)." msgstr "" -"<quote>ipa</quote> för att läsa mappar lagrade i en IPA-server. Se " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4857,61 +4899,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" -msgstr "user (sträng)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "user (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "user (sträng)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "domain_type (string)" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "domain_type (sträng)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4920,19 +4956,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "pam_verbosity (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "pam_verbosity (heltal)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4940,28 +4974,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: homeDirectory" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "Standard: homeDirectory" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4970,17 +5002,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "KONFIGURATIONSALTERNATIV" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" +"Giltiga alternativ för proxy-domäner. <placeholder type=\"variablelist\" id=" +"\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" +"Giltiga alternativ för proxy-domäner. <placeholder type=\"variablelist\" id=" +"\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "EXEMPEL" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -5034,7 +5189,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5046,7 +5201,7 @@ msgstr "" "domäner för fler detaljer. <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5056,7 +5211,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5072,7 +5227,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5086,7 +5241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -5265,7 +5420,7 @@ msgstr "" "ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exempel:" @@ -5382,51 +5537,96 @@ msgstr "Standard: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_user_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_user_modify_timestamp (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "Fyra schematyper stödjs för närvarande:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Standard: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "Standard bindning-DN att använda för att utföra LDAP-operationer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "Typen på autentiseringstecknet hos standardbindnings-DN." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "De två mekanismerna som stödjs för närvarande är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Standard: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -5435,72 +5635,72 @@ msgstr "" "stödjs för närvarande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "Objektklassen hos en användarpost i LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Standard: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "LDAP-attributet som motsvarar användarens inloggningsnamn." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "Standard: uid (rfc2307, rfc2307bis och IPA), sAMAccountName (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "LDAP-attributet som motsvarar användarens id." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "Standard: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "LDAP-attributet som motsvarar användarens primära grupp-id." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Standard: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "ldap_user_primary_group (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -5511,67 +5711,67 @@ msgstr "" "leverantören med ID-mappning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "Standard: ej satt (LDAP), primaryGroupID (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "LDAP-attributet som motsvarar användarens gecos-fält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Standard: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "LDAP-attributet som innehåller namnet på användarens hemkatalog." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Standard: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "LDAP-attributet som innehåller sökvägen till användarens standardskal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Standard: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "ldap_user_uuid (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "LDAP-attributet som innehåller UUID/GUID för ett LDAP-användarobjekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -5580,12 +5780,12 @@ msgstr "" "för IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -5594,17 +5794,17 @@ msgstr "" "är normalt bara nödvändigt för Active Directory-servrar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "Standard: objectSid för Active Directory, inte satt för andra servrar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -5613,17 +5813,17 @@ msgstr "" "föräldraobjektet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "Standard: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5636,17 +5836,17 @@ msgstr "" "citerefentry> (tidpunkt för senaste lösenordsändring)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Standard: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5659,17 +5859,17 @@ msgstr "" "citerefentry> (minsta lösenordsålder)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Standard: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5682,17 +5882,17 @@ msgstr "" "citerefentry> (största lösenordsålder)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Standard: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5705,17 +5905,17 @@ msgstr "" "citerefentry> (varningsperiod för lösenord)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Standard: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5728,17 +5928,17 @@ msgstr "" "citerefentry> (inaktivitetsperiod för lösenord)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Standard: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5751,17 +5951,17 @@ msgstr "" "citerefentry> (tid då kontot går ut)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Standard: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5772,17 +5972,17 @@ msgstr "" "kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Standard: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5792,17 +5992,17 @@ msgstr "" "ut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Standard: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -5811,17 +6011,17 @@ msgstr "" "på ett LDAP-attribut som lagrar tidpunkten när kontot går ut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Standard: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5830,17 +6030,17 @@ msgstr "" "på ett LDAP-attribut som lagrar användarkontots styrbitfält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Standard: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5849,17 +6049,17 @@ msgstr "" "parameter om åtkomst skall tillåtas eller inte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "Standard: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -5868,17 +6068,17 @@ msgstr "" "skall tillåtas eller inte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Standard: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -5887,12 +6087,12 @@ msgstr "" "datum åtkomst tillåts." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -5901,17 +6101,17 @@ msgstr "" "på dagen i en vecka åtkomst tillåts." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Standard: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -5920,17 +6120,17 @@ msgstr "" "(UPN)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Standard: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -5939,7 +6139,7 @@ msgstr "" "den vanliga uppsättningen av användarattribut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5954,7 +6154,7 @@ msgstr "" "konfigurerar flera SSSD-domäner med olika LDAP-scheman." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5965,12 +6165,12 @@ msgstr "" "reserverade attributnamnen används som ett extra attributnamn." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." @@ -5979,12 +6179,12 @@ msgstr "" "<quote>telephoneNumber</quote> i cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." @@ -5993,27 +6193,27 @@ msgstr "" "quote> i cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "LDAP-attributet som innehåller användarens publika SSH-nycklar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "Standard: sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -6026,12 +6226,12 @@ msgstr "" "rike i versaler." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -6040,12 +6240,12 @@ msgstr "" "uppräknade poster." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -6056,7 +6256,7 @@ msgstr "" "att spara utrymme." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -6069,43 +6269,43 @@ msgstr "" "Som standard kör rensningsjobbet var 3:e timma när uppräkning är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "LDAP-attributet som motsvarar användarens fullständiga namn." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "Standard: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "LDAP-attributet som räknar upp användarens gruppmedlemskap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "Standard: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -6116,7 +6316,7 @@ msgstr "" "för att avgöra åtkomstpriviligier." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -6125,7 +6325,7 @@ msgstr "" "explicit tillåtelse (svc) och slutligen efter allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -6136,17 +6336,17 @@ msgstr "" "ldap_user_authorized_service skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Standard: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -6157,7 +6357,7 @@ msgstr "" "åtkomstpriviligier." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -6166,7 +6366,7 @@ msgstr "" "explicit tillåtelse (host) och slutligen efter allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -6177,17 +6377,17 @@ msgstr "" "ldap_user_authorized_host skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Standard: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "ldap_user_authorized_rhost (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -6198,7 +6398,7 @@ msgstr "" "åtkomstpriviligier." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." @@ -6207,7 +6407,7 @@ msgstr "" "explicit tillåtelse (rhost) och slutligen efter allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -6218,37 +6418,37 @@ msgstr "" "ldap_user_authorized_rhost skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "Standard: rhost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "ldap_user_certificate (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "Namnet på LDAP-attributet som innehåller användarens X509-certifikat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "Standard: userCertificate;binary" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "ldap_user_email (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "Namnet på LDAP-attributet som innehåller användarens e-postadress." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -6264,106 +6464,106 @@ msgstr "" "via e-post." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "Standard: mail" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "Objektklassen hos en gruppost i LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Standard: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -6371,34 +6571,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6406,7 +6606,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6416,7 +6616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6426,177 +6626,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6604,95 +6804,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6700,7 +6900,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6708,12 +6908,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6721,12 +6921,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6737,12 +6937,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6751,12 +6951,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6765,34 +6965,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6800,14 +7000,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6815,17 +7015,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6835,12 +7035,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6848,17 +7048,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6866,13 +7066,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6881,7 +7086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6889,26 +7094,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6916,7 +7121,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6924,7 +7129,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6932,41 +7137,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6975,32 +7180,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -7008,24 +7213,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -7033,17 +7238,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -7054,29 +7259,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -7089,29 +7305,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -7119,77 +7335,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -7207,7 +7424,7 @@ msgstr "" "mer information, se avsnittet <quote>TJÄNSTEUPPTÄCKT</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -7218,7 +7435,7 @@ msgstr "" "hittas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7226,39 +7443,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7268,7 +7485,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7276,26 +7493,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -7303,7 +7520,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7311,31 +7528,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7344,28 +7561,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Anger tjänstenamnet som skall användas när tjänsteupptäckt är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7374,29 +7591,29 @@ msgstr "" "lösenordsändringar när tjänsteupptäckte är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Standard: inte satt, d.v.s. tjänsteupptäckt är avaktiverat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7412,12 +7629,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7426,14 +7643,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7442,24 +7659,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7467,19 +7684,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7488,7 +7705,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7496,7 +7713,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7505,7 +7722,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7513,22 +7730,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7538,14 +7755,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7558,12 +7775,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7573,7 +7790,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7583,63 +7800,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7648,74 +7865,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7726,7 +7943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7734,24 +7951,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7766,12 +7983,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7779,317 +7996,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -8098,111 +8325,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -8211,32 +8438,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8245,22 +8472,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8269,14 +8496,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8284,7 +8511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8297,27 +8524,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8333,13 +8560,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8552,7 +8779,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -8599,13 +8826,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -8613,7 +8849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -8625,7 +8861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8675,34 +8911,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -8710,7 +8956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -8723,7 +8969,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8731,20 +8977,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9846,7 +10101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -9861,7 +10116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9876,12 +10131,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9902,12 +10157,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9931,17 +10186,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9949,7 +10204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -9983,7 +10238,7 @@ msgstr "" "upptäckten används som backup-servrar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9996,12 +10251,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10020,60 +10275,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10187,26 +10442,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -10225,7 +10480,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -10523,10 +10778,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:747 -#, fuzzy -#| msgid "TRUSTED DOMAIN SECTION" msgid "TRUSTED DOMAINS CONFIGURATION" -msgstr "SEKTIONEN BETRODDA DOMÄNER" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ipa.5.xml:753 @@ -10538,38 +10791,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Dessa konfigurationsalternativ kan finnas i en domänkonfigurationssektion, " -"det vill säga en sektion som heter <quote>[domain/<replaceable>NAMN</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:758 -#, fuzzy -#| msgid "" -#| "POSIX domains are reachable by all services. Application domains are only " -#| "reachable from the InfoPipe responder (see <citerefentry> " -#| "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry>) and the PAM responder." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"POSIX-domäner kan nås av alla tjänster. Programdomäner kan endast nås från " -"InfoPipe-respondenten (se <citerefentry> <refentrytitle>sssd-ifp</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) och PAM-" -"respondenten." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:768 @@ -10591,45 +10826,33 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 -#, fuzzy -#| msgid "ad_server," msgid "ad_server" -msgstr "ad_server," +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:782 -#, fuzzy -#| msgid "ad_backup_server," msgid "ad_backup_server" -msgstr "ad_backup_server," +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 -#, fuzzy -#| msgid "ad_site," msgid "ad_site" -msgstr "ad_site," +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:788 -#, fuzzy -#| msgid "ldap_search_base," msgid "ldap_search_base" -msgstr "ldap_search_base," +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:791 -#, fuzzy -#| msgid "ldap_user_search_base," msgid "ldap_user_search_base" -msgstr "ldap_user_search_base," +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:794 -#, fuzzy -#| msgid "ldap_group_search_base," msgid "ldap_group_search_base" -msgstr "ldap_group_search_base," +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:803 @@ -11144,12 +11367,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +#, fuzzy +#| msgid "ldap_force_upper_case_realm (boolean)" +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "ldap_force_upper_case_realm (boolean)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -11157,12 +11397,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -11170,14 +11410,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -11185,7 +11425,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11197,42 +11437,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11240,7 +11480,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11248,7 +11488,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11256,7 +11496,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11268,22 +11508,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11291,7 +11531,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11299,7 +11539,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11307,7 +11547,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11319,22 +11559,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11342,14 +11582,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11357,7 +11597,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11369,23 +11609,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -11393,14 +11633,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -11408,7 +11648,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -11419,19 +11659,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -11439,7 +11679,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11451,29 +11691,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11481,12 +11721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11499,57 +11739,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11557,17 +11797,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11577,12 +11817,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11593,19 +11833,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11615,12 +11855,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11628,7 +11868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11643,7 +11883,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11652,7 +11892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11660,7 +11900,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11670,7 +11910,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12056,14 +12296,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-g</option>,<option>--genconf</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GRUPPER</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -12074,14 +12308,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-s</option>,<option>--genconf-section</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GRUPPER</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -13176,23 +13404,79 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 +#, fuzzy +#| msgid "krb5_rcache_dir (string)" +msgid "krb5_kdcinfo_lookahead (string)" +msgstr "krb5_rcache_dir (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:508 +#, fuzzy +#| msgid "" +#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring Kerberos." +msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" +"<quote>krb5</quote> för att ändra Kerberoslösenordet. Se <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera Kerberos." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +#, fuzzy +#| msgid "" +#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring Kerberos." +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" +"<quote>krb5</quote> för att ändra Kerberoslösenordet. Se <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera Kerberos." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Standard: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:508 +#: sssd-krb5.5.xml:542 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -13200,12 +13484,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -13215,7 +13499,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -13223,7 +13507,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -13243,7 +13527,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -13252,7 +13536,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -14425,14 +14709,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GRUPPER</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 @@ -14589,22 +14867,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:58 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" msgid "" "Please note that some distributions enable the files domain automatically, " "prepending the domain before any explicitly configured domains. See " "enable_files_domain in <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" -"Skelettkatalogen, som innehåller filer och kataloger som skall kopieras till " -"användarens hemkatalog, när hemkatalogen skapas av <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</manvolnum> </" -"citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:67 @@ -17283,21 +17551,13 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "NSS configuration options" msgid "NSS configuration" -msgstr "NSS-konfigurationsalternativ" +msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 -#, fuzzy -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " msgid "fallback_homedir = /home/%d/%u" msgstr "" -"fallback_homedir = /home/%u\n" -" " #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:87 @@ -17413,18 +17673,17 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "" #~ msgid "" -#~ "PLEASE NOTE: the support for non-unique named subpatterns is not " -#~ "available on all platforms (e.g. RHEL5 and SLES10). Only platforms with " -#~ "libpcre version 7 or higher can support non-unique named subpatterns." +#~ "For POSIX subdomains, setting the option in the main domain is inherited " +#~ "in the subdomain." #~ msgstr "" -#~ "OBSERVERA: stödet för icke unikt namngivna undermänster stödjs inte på " -#~ "alla plattformar (t.ex. RHEL5 och SLES10). Endast plattformar med " -#~ "libpcre version 7 och senare kan stödja namngivna undermönster som inte " -#~ "är unika." +#~ "För POSIX-underdomäner ärvs detta värde till underdomäner om det sätts i " +#~ "huvuddomänen." #~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." +#~ "For ID-mapping subdomains, auto_private_groups is already enabled for the " +#~ "subdomains and setting it to false will not have any effect for the " +#~ "subdomain." #~ msgstr "" -#~ "OBSERVERA ÄVEN: äldre versioner av libpcre stödjer endast Pythonsyntaxen " -#~ "(?P<name>) för att namnge undermänster." +#~ "För ID-mappning av underdomäner är auto_private_groups redan aktiverat " +#~ "för underdomänerna och att sätta det till falskt kommer inte ha någon " +#~ "effekt för underdomänen." diff --git a/src/man/po/tg.po b/src/man/po/tg.po index 21560908073..e42904e2bc0 100644 --- a/src/man/po/tg.po +++ b/src/man/po/tg.po @@ -5,9 +5,9 @@ # Translators: msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2014-12-15 12:10+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -292,11 +292,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Пешфарз: true" @@ -315,16 +315,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Пешфарз: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -349,8 +349,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Пешфарз: 10" @@ -365,7 +365,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "" @@ -445,7 +445,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "" @@ -465,12 +465,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -478,39 +478,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -634,10 +634,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -780,12 +780,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -869,7 +869,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -945,8 +945,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -1006,8 +1006,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1084,7 +1084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "Пешфарз: 50" @@ -1102,7 +1102,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "Пешфарз: 15" @@ -1135,11 +1135,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1148,41 +1148,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "Пешфарз: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1190,23 +1190,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1214,47 +1214,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1262,112 +1262,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "Пешфарз: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1378,96 +1378,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "Пешфарз: 0 (Номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1475,59 +1475,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "Пешфарз: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "Пешфарз: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1536,61 +1536,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1598,7 +1598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1607,17 +1607,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1625,31 +1625,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "Пешфарз: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1659,75 +1659,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1735,19 +1735,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1755,12 +1755,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1768,77 +1768,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1846,7 +1846,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1858,63 +1858,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1922,23 +1922,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1946,7 +1946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1954,7 +1954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1963,12 +1963,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1979,24 +1979,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2006,22 +2006,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2029,51 +2029,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2082,24 +2082,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2110,7 +2110,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2121,24 +2121,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2146,12 +2146,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2160,24 +2160,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2187,66 +2187,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2254,17 +2254,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2272,7 +2272,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2280,22 +2280,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2304,14 +2304,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2320,38 +2320,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2360,24 +2360,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2386,29 +2386,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "Пешфарз: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2422,14 +2422,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2438,39 +2438,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2479,19 +2479,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2502,151 +2502,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "Пешфарз: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2654,24 +2654,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2680,17 +2680,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "Пешфарз: 0 (номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2699,34 +2699,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2734,7 +2734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2742,8 +2742,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2752,8 +2752,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2761,19 +2761,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2782,7 +2782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2790,22 +2790,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2817,7 +2817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2825,19 +2825,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2845,7 +2845,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2853,35 +2853,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2889,19 +2889,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2910,7 +2910,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2918,29 +2918,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2948,7 +2948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2956,35 +2956,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2992,32 +2992,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3028,7 +3028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3037,12 +3037,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3050,7 +3050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3058,31 +3058,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3090,7 +3090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3099,17 +3099,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3117,43 +3117,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3161,7 +3161,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3169,7 +3169,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3177,24 +3177,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3202,12 +3202,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3217,7 +3217,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3226,29 +3226,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3256,7 +3256,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3266,59 +3266,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3327,77 +3327,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Пешфарз: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3405,7 +3405,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3414,17 +3414,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3432,34 +3432,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3467,32 +3467,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3502,47 +3502,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3550,43 +3558,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3594,29 +3674,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3624,12 +3704,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3638,12 +3718,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3651,19 +3731,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3680,7 +3760,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3688,17 +3768,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3707,7 +3787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3717,7 +3797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3737,12 +3817,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3750,73 +3830,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "Пешфарз: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3824,17 +3904,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3843,17 +3923,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3861,17 +3941,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3879,17 +3959,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3900,64 +3980,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3970,7 +4055,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3978,7 +4063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -3987,55 +4072,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3503 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 +#: sssd.conf.5.xml:3527 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4044,17 +4129,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3542 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4062,28 +4147,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: 0 (No limit)" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "Пешфарз: 0 (Номаҳдуд)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4092,17 +4175,126 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "парол" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4132,7 +4324,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4141,7 +4333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4149,7 +4341,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4160,7 +4352,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4174,7 +4366,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4324,7 +4516,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Намунаҳо:" @@ -4419,123 +4611,164 @@ msgstr "Пешфарз: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "Пешфарз: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "парол" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Пешфарз: парол" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4543,113 +4776,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4658,17 +4891,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4677,17 +4910,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4696,17 +4929,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4715,17 +4948,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4734,17 +4967,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4753,17 +4986,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4771,155 +5004,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4929,7 +5162,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4937,51 +5170,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4990,24 +5223,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5015,7 +5248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5024,43 +5257,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5068,14 +5301,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5083,17 +5316,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5101,14 +5334,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5116,17 +5349,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5134,14 +5367,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5149,37 +5382,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5189,106 +5422,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5296,34 +5529,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5331,7 +5564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5341,7 +5574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5351,177 +5584,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Пешфарз: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5529,95 +5762,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5625,7 +5858,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5633,12 +5866,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5646,12 +5879,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5662,12 +5895,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5676,12 +5909,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5690,34 +5923,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5725,14 +5958,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5740,17 +5973,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5760,12 +5993,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5773,17 +6006,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5791,13 +6024,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5806,7 +6044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5814,26 +6052,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5841,7 +6079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5849,7 +6087,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5857,41 +6095,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5900,32 +6138,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5933,24 +6171,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5958,17 +6196,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5979,29 +6217,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6014,29 +6263,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6044,77 +6293,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "Пешфарз: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6126,7 +6376,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6134,7 +6384,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6142,39 +6392,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6184,7 +6434,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6192,26 +6442,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6219,7 +6469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6227,31 +6477,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6260,56 +6510,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6325,12 +6575,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "Намуна:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6339,14 +6589,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6355,24 +6605,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6380,19 +6630,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6401,7 +6651,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6409,7 +6659,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6418,7 +6668,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6426,22 +6676,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6451,14 +6701,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6471,12 +6721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6486,7 +6736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6496,63 +6746,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6561,74 +6811,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6639,7 +6889,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6647,24 +6897,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6679,12 +6929,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6692,317 +6942,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7011,111 +7271,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7124,32 +7384,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7158,22 +7418,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7182,14 +7442,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "НАМУНА" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7197,7 +7457,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7210,27 +7470,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7246,13 +7506,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЭЗОҲҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7465,7 +7725,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7512,13 +7772,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "ФАЙЛҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7526,7 +7795,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7538,7 +7807,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7588,34 +7857,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7623,7 +7902,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7636,7 +7915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7644,20 +7923,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8754,7 +9042,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8769,7 +9057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8784,12 +9072,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8810,12 +9098,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8839,17 +9127,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8857,7 +9145,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8884,7 +9172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8897,12 +9185,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8921,60 +9209,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9088,26 +9376,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9126,7 +9414,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -10002,12 +10290,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10015,12 +10318,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10028,14 +10331,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10043,7 +10346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10055,42 +10358,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10098,7 +10401,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10106,7 +10409,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10114,7 +10417,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10126,22 +10429,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10149,7 +10452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10157,7 +10460,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10165,7 +10468,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10177,22 +10480,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10200,14 +10503,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10215,7 +10518,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10227,23 +10530,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10251,14 +10554,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10266,7 +10569,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10277,19 +10580,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10297,7 +10600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10309,29 +10612,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10339,12 +10642,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10357,57 +10660,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10415,17 +10718,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10435,12 +10738,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10451,19 +10754,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10473,12 +10776,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10486,7 +10789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10501,7 +10804,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10510,7 +10813,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10518,7 +10821,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10528,7 +10831,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12012,23 +12315,61 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Пешфарз: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12036,12 +12377,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12051,7 +12392,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12059,7 +12400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12079,7 +12420,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12088,7 +12429,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -16028,10 +16369,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "Configuration" msgid "NSS configuration" -msgstr "Ҷӯрсозӣ" +msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 diff --git a/src/man/po/uk.po b/src/man/po/uk.po index 8af4fd5d305..f3c0375a429 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -9,13 +9,14 @@ # Yuri Chornoivan <yurchor@ukr.net>, 2015. #zanata # Yuri Chornoivan <yurchor@ukr.net>, 2017. #zanata # Yuri Chornoivan <yurchor@ukr.net>, 2018. #zanata +# Yuri Chornoivan <yurchor@ukr.net>, 2019. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" -"PO-Revision-Date: 2018-06-09 12:25+0000\n" -"Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" +"PO-Revision-Date: 2019-06-03 03:59+0000\n" +"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/" "uk/)\n" "Language: uk\n" @@ -359,11 +360,11 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Типове значення: true" @@ -385,16 +386,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Типове значення: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -423,8 +424,8 @@ msgstr "" "самостійно." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Типове значення: 10" @@ -439,7 +440,7 @@ msgid "The [sssd] section" msgstr "Розділ [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "Параметри розділу" @@ -541,7 +542,7 @@ msgstr "" "ASCII, дефісів, крапок та знаків підкреслювання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "re_expression (рядок)" @@ -567,12 +568,12 @@ msgstr "" "ДОМЕНІВ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "full_name_format (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -584,32 +585,32 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "ім’я користувача" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "назва домену у форматі, вказаному у файлі налаштувань SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -618,7 +619,7 @@ msgstr "" "Directory, налаштованих та автоматично виявлених за зв’язками довіри IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -785,10 +786,10 @@ msgstr "" "use_fully_qualified_names рівним False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -886,15 +887,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:482 -#, fuzzy -#| msgid "" -#| "This option must be used together with " -#| "ocsp_default_responder_signing_cert." msgid "" "(NSS Version) This option must be used together with " "ocsp_default_responder_signing_cert." msgstr "" -"Цей параметр слід використовувати разом із параметром " +"(Версія з NSS) Цей параметр слід використовувати разом із параметром " "ocsp_default_responder_signing_cert." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> @@ -904,19 +901,14 @@ msgstr "ocsp_default_responder_signing_cert=НАЗВА" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:492 -#, fuzzy -#| msgid "" -#| "The nickname of the cert to trust (expected) to sign the OCSP responses. " -#| "The certificate with the given nickname must be available in the systems " -#| "NSS database." msgid "" "(NSS Version) The nickname of the cert to trust (expected) to sign the OCSP " "responses. The certificate with the given nickname must be available in the " "systems NSS database." msgstr "" -"Альтернативна назва сертифіката, якому слід довіряти (очікувано) для " -"підписування відповідей OCSP. Сертифікат із вказаною альтернативною назвою " -"має зберігатися у базі даних NSS системи." +"(Версія з NSS) Альтернативна назва сертифіката, якому слід довіряти " +"(очікувано) для підписування відповідей OCSP. Сертифікат із вказаною " +"альтернативною назвою має зберігатися у базі даних NSS системи." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:497 @@ -930,46 +922,40 @@ msgid "" "(OpenSSL version) This option is currently ignored. All needed certificates " "must be available in the PEM file given by pam_cert_db_path." msgstr "" +"(Версія з OpenSSL) У поточній версії програма ігнорує цей параметр. Усі " +"потрібні сертифікати мають бути у файлі PEM, який вказано параметром " +"pam_cert_db_path." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:507 msgid "crl_file=/PATH/TO/CRL/FILE" -msgstr "" +msgstr "crl_file=/ШЛЯХ/ДО/ФАЙЛА/CRL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:509 -#, fuzzy -#| msgid "" -#| "<quote>ipa</quote> to load maps stored in an IPA server. See " -#| "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring IPA." msgid "" "(NSS Version) This option is ignored, please see <citerefentry> " "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> how to import a Certificate Revocation List (CRL) into a NSS " "database." msgstr "" -"<quote>ipa</quote> — завантажити карти, що зберігається на сервері IPA. " -"Докладніші відомості щодо налаштовування IPA викладено у довіднику з " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum></" -"manvolnum> </citerefentry>." +"(Версія з NSS) Цей параметр буде проігноровано, будь ласка, див. " +"<citerefentry> <refentrytitle>crlutil</refentrytitle> <manvolnum>1</" +"manvolnum> </citerefentry>, щоб дізнатися про те, як імпортувати список " +"відкликання сертифікатів (CRL) до бази даних NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:518 -#, fuzzy -#| msgid "" -#| "can be used to control how the certificates are validated (see " -#| "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum></citerefentry> for details)." msgid "" "(OpenSSL Version) Use the Certificate Revocation List (CRL) from the given " "file during the verification of the certificate. The CRL must be given in " "PEM format, see <citerefentry> <refentrytitle>crl</refentrytitle> " "<manvolnum>1ssl</manvolnum> </citerefentry> for details." msgstr "" -"для керування способом встановлення чинності сертифікатів (докладніше див. " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry>)." +"(Версія з OpenSSL) Використовувати список відкликання сертифікатів (CRL) з " +"вказаного файла під час перевірки сертифіката. CRL має бути вказано у " +"форматі PEM, див. <citerefentry> <refentrytitle>crl</refentrytitle> " +"<manvolnum>1ssl</manvolnum> </citerefentry>, щоб дізнатися більше." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 @@ -983,12 +969,12 @@ msgstr "" "параметри: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "Цю сторінку підручника було створено для версії NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "Цю сторінку підручника було створено для версії OpenSSL." @@ -1102,7 +1088,7 @@ msgstr "" "різних доменах можуть бути однаковими." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Типове значення: не встановлено" @@ -1199,8 +1185,8 @@ msgstr "" "до 10 секунд." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "Типове значення: 60" @@ -1277,8 +1263,8 @@ msgstr "" "і якщо служби активуються за допомогою або сокетів або D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Типове значення: 300" @@ -1374,7 +1360,7 @@ msgstr "" "можливість." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "Типове значення: 50" @@ -1395,7 +1381,7 @@ msgstr "" "даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "Типове значення: 15" @@ -1428,11 +1414,17 @@ msgstr "filter_users, filter_groups (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:848 +#, fuzzy +#| msgid "" +#| "Exclude certain users or groups from being fetched from the sss NSS " +#| "database. This is particularly useful for system accounts. This option " +#| "can also be set per-domain or include fully-qualified names to filter " +#| "only users from the particular domain." msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" "Виключити певних користувачів або групи зі списку отримання даних з бази " "даних NSS sss. Таке виключення може бути корисним для облікових записів " @@ -1441,7 +1433,7 @@ msgstr "" "обмеження списку користувачами лише з певного домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1455,17 +1447,17 @@ msgstr "" "відфільтрованої групи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "Типове значення: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1473,12 +1465,12 @@ msgstr "" "встановіть для цього параметра значення «false»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "fallback_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1487,7 +1479,7 @@ msgstr "" "каталог не вказано явним чином засобом надання даних домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1495,7 +1487,7 @@ msgstr "" "для параметра override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1505,25 +1497,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Типове значення: не встановлено (без замін для невстановлених домашніх " "каталогів)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "override_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1535,19 +1527,19 @@ msgstr "" "або для кожного з доменів окремо." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Типове значення: не встановлено (SSSD використовуватиме значення, отримане " "від LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "allowed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1555,13 +1547,13 @@ msgstr "" "визначення оболонки є таким:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Якщо оболонку вказано у <quote>/etc/shells</quote>, її буде використано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1571,7 +1563,7 @@ msgstr "" "shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1580,14 +1572,14 @@ msgstr "" "<quote>/etc/shells</quote>, буде використано оболонку nologin." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" "Для визначення будь-якої командної оболонки можна скористатися шаблоном " "заміни (*)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1599,12 +1591,12 @@ msgstr "" "справою." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "Порожній рядок оболонки буде передано без обробки до libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1613,29 +1605,29 @@ msgstr "" "тобто у разі встановлення нової оболонки слід перезапустити SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Типове значення: не встановлено. Автоматично використовується оболонка " "користувача." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "vetoed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Замінити всі записи цих оболонок на shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "shell_fallback (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1643,17 +1635,17 @@ msgstr "" "системі не встановлено." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "Типове значення: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1663,7 +1655,7 @@ msgstr "" "або на загальному рівні у розділі [nss], або окремо для кожного з доменів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1673,12 +1665,12 @@ msgstr "" "зазвичай /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1687,12 +1679,12 @@ msgstr "" "чинним." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "memcache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." @@ -1702,7 +1694,7 @@ msgstr "" "пам'яті." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." @@ -1711,7 +1703,7 @@ msgstr "" "варто користуватися лише для тестування." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." @@ -1721,12 +1713,12 @@ msgstr "" "пам’яті." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1743,7 +1735,7 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше), але без типових значень." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." @@ -1752,19 +1744,19 @@ msgstr "" "на те, чи не встановлено його для відповідача NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" "Типове значення: не встановлено, резервне значення визначається за " "параметром InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "pwfield (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." @@ -1773,13 +1765,13 @@ msgstr "" "груп, для поля <quote>password</quote>." #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" "Значення цього параметра можна встановлювати для кожного з доменів окремо." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" @@ -1788,12 +1780,12 @@ msgstr "" "(файловий домен)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "Параметри налаштування PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1802,12 +1794,12 @@ msgstr "" "Authentication Module (PAM або блокового модуля розпізнавання)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1817,17 +1809,17 @@ msgstr "" "входу до системи)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1836,12 +1828,12 @@ msgstr "" "дозволену кількість спроб входу з визначенням помилкового пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1851,7 +1843,7 @@ msgstr "" "системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1863,17 +1855,17 @@ msgstr "" "увімкнути можливість автономного розпізнавання." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "Типове значення: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1882,43 +1874,43 @@ msgstr "" "розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "У поточній версії sssd передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "Типове значення: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "pam_response_filter (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1932,7 +1924,7 @@ msgstr "" "встановлювати за допомогою pam_sss." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." @@ -1942,37 +1934,37 @@ msgstr "" "повідомлень." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "Не надсилати жодних змінних середовища до жодної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "ENV:назва_змінної" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "Не надсилати змінної середовища назва_змінної до жодної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "ENV:назва_змінної:служба" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "Не надсилати змінної середовища назва_змінної до вказаної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -1981,17 +1973,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "Приклад: ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -2002,7 +1994,7 @@ msgstr "" "що розпізнавання виконується на основі найсвіжіших даних." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -2016,18 +2008,18 @@ msgstr "" "надання даних профілів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" "Показати попередження за вказану кількість днів перед завершенням дії пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2038,7 +2030,7 @@ msgstr "" "попередження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2048,7 +2040,7 @@ msgstr "" "буде автоматично показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -2057,17 +2049,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> для окремого домену." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "Типове значення: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2083,13 +2075,13 @@ msgstr "" "під час запуску системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" "Типове значення: типово усі користувачі вважаються надійними (довіреними)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." @@ -2098,12 +2090,12 @@ msgstr "" "відповідача PAM, навіть якщо користувача немає у списку pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "pam_public_domains (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." @@ -2112,12 +2104,12 @@ msgstr "" "отримувати навіть ненадійні користувачі." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "Визначено два спеціальних значення параметра pam_public_domains:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -2125,7 +2117,7 @@ msgstr "" "PAM.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -2134,19 +2126,19 @@ msgstr "" "відповідачі.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." @@ -2155,7 +2147,7 @@ msgstr "" "замінити типове повідомлення «Доступ заборонено» («Permission denied»)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." @@ -2165,7 +2157,7 @@ msgstr "" "(показувати усі повідомлення і діагностичні дані)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2175,12 +2167,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "pam_account_locked_message (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." @@ -2189,7 +2181,7 @@ msgstr "" "типове повідомлення «Доступ заборонено» («Permission denied»)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2199,12 +2191,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "pam_cert_auth (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2215,19 +2207,19 @@ msgstr "" "розпізнавання, типово таку сертифікацію вимкнено." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Типове значення: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "pam_cert_db_path (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." @@ -2236,17 +2228,17 @@ msgstr "" "смарткартки." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "Типове значення:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "/etc/pki/nssdb (версія NSS, шлях до бази даних NSS)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" @@ -2255,24 +2247,24 @@ msgstr "" "довіреними сертифікатами служб сертифікації у форматі PEM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" "Час у секундах, протягом якого pam_sss очікуватиме на завершення роботи " "p11_child." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "pam_app_services (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2281,49 +2273,31 @@ msgstr "" "типу <quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 -#, fuzzy -#| msgid "max_payload_size (integer)" +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" -msgstr "max_payload_size (ціле значення)" +msgstr "pam_p11_allowed_services (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 -#, fuzzy -#| msgid "" -#| "A comma-separated list of PAM service names for which GPO-based access is " -#| "always denied, regardless of any GPO Logon Rights." +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" -"Список назв служб PAM, відокремлених комами, яким завжди заборонено доступ " -"на основі GPO, незалежно від будь-яких прав входу GPO." +"Список назв служб PAM, відокремлених комами, для яких буде дозволено " +"використання смарткарток." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 -#, fuzzy, no-wrap -#| msgid "" -#| "ad_gpo_map_interactive = +my_pam_service, -login\n" -#| " " +#: sssd.conf.5.xml:1448 +#, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" " " msgstr "" -"ad_gpo_map_interactive = +my_pam_service, -login\n" +"pam_p11_allowed_services = +my_pam_service, -login\n" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 -#, fuzzy -#| msgid "" -#| "It is possible to add another PAM service name to the default set by " -#| "using <quote>+service_name</quote> or to explicitly remove a PAM service " -#| "name from the default set by using <quote>-service_name</quote>. For " -#| "example, in order to replace a default PAM service name for this logon " -#| "right (e.g. <quote>login</quote>) with a custom pam service name (e.g. " -#| "<quote>my_pam_service</quote>), you would use the following " -#| "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2336,128 +2310,152 @@ msgstr "" "Можна додати іншу назву служби PAM до типового набору за допомогою " "конструкції «+назва_служби» або явним чином вилучити назву служби PAM з " "типового набору за допомогою конструкції «-назва_служби». Наприклад, щоб " -"замінити типову назву служби PAM для цього входу (наприклад, «login») з " -"нетиповою назвою служби pam (наприклад, «my_pam_service»), вам слід " -"скористатися такими налаштуваннями: <placeholder type=\"programlisting\" id=" -"\"0\"/>" +"замінити типову назву служби PAM для розпізнавання за смарткарткою " +"(наприклад, «login») з нетиповою назвою служби PAM (наприклад, " +"«my_pam_service»), вам слід скористатися такими налаштуваннями: <placeholder " +"type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" "Типове значення: типовий набір назв служб PAM складається з таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" -msgstr "" +msgstr "gnome-screensaver" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 -#, fuzzy -#| msgid "p11_child_timeout (integer)" +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" -msgstr "p11_child_timeout (ціле число)" +msgstr "p11_wait_for_card_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " "inserted." msgstr "" +"Якщо обов'язковим є розпізнавання за смарткарткою, кількість додаткових " +"секунд, які буде додано до p11_child_timeout, протягом яких відповідача PAM " +"має чекати на вставлення смарткартки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 -#, fuzzy -#| msgid "proxy_url (string)" +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" -msgstr "proxy_url (рядок)" +msgstr "p11_uri (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 +#, fuzzy +#| msgid "" +#| "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " +#| "selection of devices used for Smartcard authentication. By default SSSD's " +#| "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " +#| "flags is set and read the certificates from the inserted token from the " +#| "first slot found. If multiple readers are connected p11_uri can be use to " +#| "tell p11_child to use a specific reader." msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" +"Адреса PKCS#11 (докладніший опис можна знайти у RFC-7512), якою можна " +"скористатися для обмеження переліку пристроїв, які використовуються для " +"розпізнавання за допомогою смарткартки. Типово, p11_child зі складу SSSD " +"виконуватиме пошук слоту PKCS#11 (зчитувача), для якого встановлено прапорці " +"«removable» («портативний») і читатиме сертифікати із першого знайденого " +"слоту вставленого ключа. Якщо з комп'ютером буде з'єднано декілька " +"зчитувачів, можна скористатися p11_uri для повідомлення p11_child про те, що " +"слід використовувати вказаний зчитувач." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" " " msgstr "" +"p11_uri = slot-description=My%20Smartcar%20Reader\n" +" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" " " msgstr "" +"p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" +" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " "debug output of p11_child. As an alternative the GnuTLS utility 'p11tool' " "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +"Приклади: <placeholder type=\"programlisting\" id=\"0\"/> або <placeholder " +"type=\"programlisting\" id=\"1\"/> Для визначення відповідної адреси, " +"ознайомтеся із файлом діагностичних даних p11_child. Крім того, можна " +"скористатися програмою GnuTLS p11tool, наприклад, із параметром --list-all, " +"який покаже і адреси PKCS#11." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "Параметри налаштування SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2475,12 +2473,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "sudo_timed (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2489,12 +2487,12 @@ msgstr "" "призначені для визначення часових обмежень для записів sudoers." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2510,22 +2508,22 @@ msgstr "" "sudo IPA та групових пошуків команд." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "Параметри налаштування AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "Цими параметрами можна скористатися для налаштування служби autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2536,22 +2534,22 @@ msgstr "" "базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "Параметри налаштувань SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "Цими параметрами можна скористатися для налаштування служби SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2559,12 +2557,12 @@ msgstr "" "Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2573,17 +2571,17 @@ msgstr "" "файлі known_hosts після надсилання запиту щодо ключів вузла." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "Типове значення: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "ssh_use_certificate_keys (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2597,12 +2595,12 @@ msgstr "" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "ca_db (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -2611,12 +2609,12 @@ msgstr "" "перевірки сертифікатів користувачів до отримання з них відкритих ключів ssh." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "Параметри налаштування відповідача PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2634,7 +2632,7 @@ msgstr "" "декодовано і визначено, виконуються деякі з таких дій:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2652,7 +2650,7 @@ msgstr "" "параметра default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2661,18 +2659,18 @@ msgstr "" "додано до цих груп." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" "Цими параметрами можна скористатися для налаштовування відповідача PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2683,14 +2681,14 @@ msgstr "" "іменами користувачів визначатимуться під час запуску." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Типове значення: 0 (доступ до відповідача PAC має лише адміністративний " "користувач (root))" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2704,12 +2702,12 @@ msgstr "" "запис 0." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -2718,12 +2716,12 @@ msgstr "" "використовувати для визначення членства користувача у групі." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "Параметри налаштовування запису сеансів" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2738,32 +2736,32 @@ msgstr "" "session-recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "Цими параметрами можна скористатися для налаштовування запису сеансів." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "\"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "Користувачі не записуються." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "\"some\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -2772,17 +2770,17 @@ msgstr "" "<replaceable>користувачі</replaceable> і <replaceable>групи</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "\"all\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Усі користувачі записуються." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -2791,17 +2789,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2813,17 +2811,17 @@ msgstr "" "тощо." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "Типове значення: порожнє. Не відповідає жодному користувачу." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2835,7 +2833,7 @@ msgstr "" "символів тощо." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2847,22 +2845,22 @@ msgstr "" "належить користувач." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "Типове значення: порожнє. Не відповідає жодній групі." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "РОЗДІЛИ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "domain_type (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2875,7 +2873,7 @@ msgstr "" "з доменів POSIX." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -2884,7 +2882,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2896,7 +2894,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) і відповідача PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -2905,7 +2903,7 @@ msgstr "" "application з <quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -2914,17 +2912,17 @@ msgstr "" "ласка, ознайомтеся із розділом <quote>Домени програм</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "Типове значення: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2933,7 +2931,7 @@ msgstr "" "відповідає цим обмеженням, його буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2946,7 +2944,7 @@ msgstr "" "основної групи і належать діапазону, буде виведено у звичайному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2955,17 +2953,17 @@ msgstr "" "лише повернення записів за назвою або ідентифікатором." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "enumerate (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2978,22 +2976,22 @@ msgstr "" "мати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = користувачі і групи нумеруються" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = не використовувати нумерацію для цього домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "Типове значення: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -3002,7 +3000,7 @@ msgstr "" "користувачів і груп із віддаленого сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3025,7 +3023,7 @@ msgstr "" "<quote>sssd_be</quote> або навіть перезапуску усього засобу стеження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3035,7 +3033,7 @@ msgstr "" "завершено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3049,7 +3047,7 @@ msgstr "" "відповідного використаного засобу обробки ідентифікаторів (id_provider)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -3058,32 +3056,32 @@ msgstr "" "об’ємних середовищах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "Усі виявлені надійні домени буде пронумеровано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "Нумерація виявлених надійних доменів не виконуватиметься" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3096,12 +3094,12 @@ msgstr "" "доменів, для яких буде увімкнено нумерацію." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3110,7 +3108,7 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3127,17 +3125,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "Типове значення: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -3146,19 +3144,19 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "Типове значення: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -3167,12 +3165,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -3181,12 +3179,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -3195,12 +3193,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -3209,12 +3207,12 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -3223,12 +3221,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3238,12 +3236,12 @@ msgstr "" "вузла у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3253,7 +3251,7 @@ msgstr "" "вичерпано або майже вичерпано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" @@ -3261,42 +3259,42 @@ msgstr "" "груп та мережевих груп у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Варто визначити для цього параметра значення 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Типове значення: 0 (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "cache_credentials (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Визначає, чи слід також кешувати реєстраційні дані користувача у локальному " "кеші LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у " "форматі звичайного тексту" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3308,7 +3306,7 @@ msgstr "" "контрольної суми SHA512 у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -3318,17 +3316,17 @@ msgstr "" "мішенню атак із перебиранням паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "Типове значення: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3341,17 +3339,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3364,17 +3362,17 @@ msgstr "" "даних розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "id_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3382,12 +3380,12 @@ msgstr "" "Серед підтримуваних засобів такі:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "«proxy»: підтримка застарілого модуля надання даних NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" @@ -3395,7 +3393,7 @@ msgstr "" "(ЗАСТАРІЛИЙ)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3407,7 +3405,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3418,8 +3416,8 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3432,8 +3430,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3445,12 +3443,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3460,7 +3458,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3473,7 +3471,7 @@ msgstr "" "не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3484,22 +3482,22 @@ msgstr "" "груп, якщо задано неповну назву, буде виконано пошук у всіх доменах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "Типове значення: FALSE (TRUE, якщо використано default_domain_suffix)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "Не повертати записи учасників груп для пошуків груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3518,7 +3516,7 @@ msgstr "" "$groupname</quote> поверне запитану групу так, наче вона була порожня." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3529,12 +3527,12 @@ msgstr "" "учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "auth_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3543,7 +3541,7 @@ msgstr "" "служб розпізнавання:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3555,7 +3553,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3567,23 +3565,23 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> — вимкнути розпізнавання повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3592,12 +3590,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "access_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3608,7 +3606,7 @@ msgstr "" "Вбудованими програмами є:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3617,12 +3615,12 @@ msgstr "" "доступу для локального домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> — завжди забороняти доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3635,7 +3633,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3647,24 +3645,24 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> — для трансляції керування доступом до іншого модуля " "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "Типове значення: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "chpass_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3673,7 +3671,7 @@ msgstr "" "підтримку таких систем зміни паролів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3685,7 +3683,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3697,18 +3695,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3717,19 +3715,19 @@ msgstr "" "цього параметра і якщо система здатна обробляти запити щодо паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "sudo_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Служба SUDO, яку використано для цього домену. Серед підтримуваних служб " "SUDO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3741,7 +3739,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3750,7 +3748,7 @@ msgstr "" "параметрами IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3759,20 +3757,20 @@ msgstr "" "параметрами AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> явним чином вимикає SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Типове значення: використовується значення <quote>id_provider</quote>, якщо " "його встановлено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3791,7 +3789,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3805,12 +3803,12 @@ msgstr "" "sudo у SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "selinux_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3821,7 +3819,7 @@ msgstr "" "доступу. Передбачено підтримку таких засобів надання даних SELinux:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3833,14 +3831,14 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> явним чином забороняє отримання даних щодо параметрів " "SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3849,12 +3847,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо завантаження SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "subdomains_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3864,7 +3862,7 @@ msgstr "" "підтримку таких засобів надання даних піддоменів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3876,7 +3874,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3889,17 +3887,17 @@ msgstr "" "налаштовування засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "session_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3911,14 +3909,14 @@ msgstr "" "постачальники даних сеансів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote>, щоб дозволити пов'язані із сеансами користувачів " "завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -3926,7 +3924,7 @@ msgstr "" "користувачів завдань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -3935,7 +3933,7 @@ msgstr "" "його встановлено і дозволено виконувати пов'язані із сеансами завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." @@ -3945,12 +3943,12 @@ msgstr "" "непривілейованого користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "autofs_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3958,7 +3956,7 @@ msgstr "" "autofs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3970,7 +3968,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3982,7 +3980,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3994,17 +3992,17 @@ msgstr "" "надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> вимикає autofs повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "hostid_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -4013,7 +4011,7 @@ msgstr "" "вузла. Серед підтримуваних засобів надання hostid:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4025,12 +4023,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> вимикає hostid повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4044,7 +4042,7 @@ msgstr "" "IPA та доменів Active Directory, простій назві (NetBIOS) домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -4057,22 +4055,22 @@ msgstr "" "різні стилі запису імен користувачів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "користувач@назва.домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "домен\\користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -4081,7 +4079,7 @@ msgstr "" "того, щоб полегшити інтеграцію користувачів з доменів Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -4092,7 +4090,7 @@ msgstr "" "домену — все після цього символу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -4100,19 +4098,25 @@ msgid "" "consider changing the re_expression value to: <quote>((?P<name>.+)@(?" "P<domain>[^@]+$))</quote>." msgstr "" +"Зауваження: у деяких групах Active Directory, типово, тих, які " +"використовуються для MS Exchange, назви містять символ <quote>@</quote>. " +"Такі назви конфліктують із типовим значенням re_expression для надавачів " +"даних AD та IPA. Щоб забезпечити підтримку таких груп, варто змінити " +"значення re_expression на таке: <quote>((?P<name>.+)@(?P<domain>" +"[^@]+$))</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Типове значення: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "lookup_family_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -4121,48 +4125,48 @@ msgstr "" "під час виконання пошуків у DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "Передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі " "спробувати формат IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі " "спробувати формат IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "Типове значення: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4175,7 +4179,7 @@ msgstr "" "роботу у автономному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -4184,18 +4188,18 @@ msgstr "" "більше про розв'язування питань, пов'язаних із службами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Типове значення: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4204,54 +4208,54 @@ msgstr "" "частину запиту визначення служб DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Типова поведінка: використовувати назву домену з назви вузла комп’ютера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "override_gid (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "Замірити значення основного GID на вказане." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "case_sensitive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" "Враховується регістр. Це значення є некоректним для засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "Без врахування регістру." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4263,34 +4267,30 @@ msgstr "" "буде переведено у нижній регістр." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 -#, fuzzy -#| msgid "" -#| "Treat user and group names as case sensitive. At the moment, this option " -#| "is not supported in the local provider. Possible option values are: " -#| "<placeholder type=\"variablelist\" id=\"0\"/>" +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " "the local provider. </phrase> Possible option values are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" -"Враховувати регістр записів імен користувачів та назв груп. У поточній " -"версії підтримку передбачено лише для локальних надавачів даних. Можливі " -"значення параметра: <placeholder type=\"variablelist\" id=\"0\"/>" +"Враховувати регістр записів імен користувачів та назв груп. <phrase " +"condition=\"enable_local_provider\"> У поточній версії підтримку передбачено " +"лише для локальних надавачів даних. </phrase> Можливі значення параметра: " +"<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "Типове значення: True (False для засобу надання даних AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4302,27 +4302,27 @@ msgstr "" "параметрів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -4331,7 +4331,7 @@ msgstr "" "ldap_krb5_keytab не встановлено явним чином)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4341,33 +4341,33 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" "Зауваження: цей параметр працює лише для засобів надання даних IPA і AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "спрощена (NetBIOS) назва піддомену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4382,7 +4382,7 @@ msgstr "" "emphasis>. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -4390,17 +4390,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Типове значення: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "realmd_tags (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -4408,28 +4408,41 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 +#, fuzzy +#| msgid "" +#| "Specifies time in seconds since last successful online authentication for " +#| "which user will be authenticated using cached credentials while SSSD is " +#| "in the online mode." msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" "Визначає час у секундах з моменту останнього успішного розпізнавання у " "мережі, для якого користувача буде розпізнано за допомогою кешованих " "реєстраційних даних, доки SSSD перебуває у режимі «у мережі»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "Спеціальне значення 0 означає, що цю можливість вимкнено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4440,42 +4453,31 @@ msgstr "" "обробки <quote>initgroups</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "auto_private_groups (рядок)" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +#, fuzzy +#| msgid "" +#| "If this option is enabled, SSSD will automatically create user private " +#| "groups based on user's UID number. The GID number is ignored in this case." msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." msgstr "" "Якщо увімкнено цей параметр, SSSD автоматично створюватиме приватні групи " "користувачів на основі номера UID користувача. Номер GID у цьому випадку " "ігноруватиметься." -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 -msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." -msgstr "" -"Для піддоменів POSIX встановлення для цього параметра значення головного " -"домену успадковується у піддомені." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 -msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." -msgstr "" -"Для піддоменів із прив'язкою за ідентифікатором auto_private_groups вже " -"увімкнено для піддоменів, встановлення для нього значення false ніяк не " -"впливатиме на піддомен." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4487,8 +4489,95 @@ msgstr "" "цьому параметрі не передбачено. Іншими словами, вмикання цього параметра " "примусово встановлює унікальність записів у просторі ідентифікаторів." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +#, fuzzy +#| msgid "False" +msgid "false" +msgstr "False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3077 +#, fuzzy +#| msgid "" +#| "The available options are: <placeholder type=\"variablelist\" id=\"0\"/>" +msgid "" +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "Доступні варіанти: <placeholder type=\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap +msgid "" +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3145 +msgid "" +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4499,17 +4588,17 @@ msgstr "" "quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "Комп’ютер, для якого виконує проксі-сервер PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4518,12 +4607,12 @@ msgstr "" "налаштуваннями pam або створити нові і тут додати назву служби." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4534,12 +4623,12 @@ msgstr "" "наприклад _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4554,12 +4643,12 @@ msgstr "" "у кеші, щоб пришвидшити надання результатів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4571,7 +4660,7 @@ msgstr "" "використання черги запитів." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4580,12 +4669,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "Домени програм (application)" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4613,7 +4702,7 @@ msgstr "" "який може успадковувати параметр з традиційного домену SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4624,17 +4713,17 @@ msgstr "" "його доменом-близнюком у POSIX має бути встановлено належним чином." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "Параметри доменів програм" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "inherit_from (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4646,7 +4735,7 @@ msgstr "" "розширюють або перевизначають параметри домену-<quote>близнюка</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4661,7 +4750,7 @@ msgstr "" "у кеші і робить атрибут phone доступним через інтерфейс D-Bus." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -4695,12 +4784,12 @@ msgstr "" "ldap_user_extra_attrs = phone:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "Розділ локального домену" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4711,29 +4800,29 @@ msgstr "" "використовує <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "default_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "Типова оболонка для записів користувачів, створених за допомогою " "інструментів простору користувачів SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "Типове значення: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "base_directory (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4742,17 +4831,17 @@ msgstr "" "replaceable> і використовують отриману адресу як адресу домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "Типове значення: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "create_homedir (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4761,17 +4850,17 @@ msgstr "" "Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "Типове значення: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "remove_homedir (булівське значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4780,12 +4869,12 @@ msgstr "" "користувачів. Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "homedir_umask (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4796,17 +4885,17 @@ msgstr "" "до щойно створеного домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "Типове значення: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "skel_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4819,17 +4908,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "Типове значення: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "mail_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4840,17 +4929,17 @@ msgstr "" "каталог не вказано, буде використано типове значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "Типове значення: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "userdel_cmd (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4861,17 +4950,17 @@ msgstr "" "вилучається. Код виконання, повернутий програмою не обробляється." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "Типове значення: None, не виконувати жодних команд" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "РОЗДІЛ ДОВІРЕНИХ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4889,52 +4978,59 @@ msgstr "" "такі параметри:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech," +msgstr "ldap_sasl_mech (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -4943,14 +5039,12 @@ msgstr "" "підручника." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 -#, fuzzy -#| msgid "TRUSTED DOMAIN SECTION" +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" -msgstr "РОЗДІЛ ДОВІРЕНИХ ДОМЕНІВ" +msgstr "РОЗДІЛ ПРИВ'ЯЗКИ СЕРТИФІКАТІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4961,157 +5055,309 @@ msgid "" "might be cumbersome or not even possible to do this for the general case " "where local services use PAM for authentication." msgstr "" +"Щоб уможливити розпізнавання за смарткартками та сертифікатами, SSSD повинна " +"мати можливість пов'язувати сертифікати із записами користувачів. " +"Забезпечити таку можливість можна додаванням повного сертифіката до об'єкта " +"LDAP користувача або локальним перевизначенням. Хоча використання повного " +"сертифіката є обов'язковим для використання можливості розпізнавання за " +"смарткарткою у (див. <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>, щоб дізнатися " +"більше), додавання таких сертифікатів може бути марудною або навіть " +"неможливою справою для загального випадку, коли локальні служби " +"використовують для розпізнавання PAM." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 -#, fuzzy -#| msgid "" -#| "can be used to control how the certificates are validated (see " -#| "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum></citerefentry> for details)." +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for details)." msgstr "" -"для керування способом встановлення чинності сертифікатів (докладніше див. " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry>)." +"Для додавання гнучкості прив'язкам у SSSD додано правила прив'язки і " +"встановлення відповідності (докладніше про це у розділі <citerefentry> " +"<refentrytitle>sss-certmap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" "<replaceable>DOMAIN_NAME</replaceable>/<replaceable>RULE_NAME</" "replaceable>]</quote>. In this section the following options are allowed:" msgstr "" +"Правила пов'язування та відповідності можна додати до налаштувань SSSD у " +"окремий розділ із назвою, подібною до <quote>[certmap/" +"<replaceable>НАЗВА_ДОМЕНУ</replaceable>/<replaceable>НАЗВА_ПРАВИЛА</" +"replaceable>]</quote>. У цьому розділі можна використовувати такі параметри:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 -#, fuzzy -#| msgid "capath (string)" +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" -msgstr "capath (рядок)" +msgstr "matchrule (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" +"Буде виконано обробку лише тих сертифікатів зі смарткартки, які відповідають " +"цьому правилу. Усі інші сертифікати буде проігноровано." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" +"Типове значення: KRB5:<EKU>clientAuth, тобто лише сертифікати, у яких " +"Extended Key Usage (розширене використання ключа) дорівнює " +"<quote>clientAuth</quote>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 -#, fuzzy -#| msgid "proxy_url (string)" +#: sssd.conf.5.xml:3503 msgid "maprule (string)" -msgstr "proxy_url (рядок)" +msgstr "maprule (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." -msgstr "" +msgstr "Визначає спосіб пошуку користувача для вказаного сертифіката." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" +"LDAP:(userCertificate;binary={cert!bin}) для заснованих на LDAP надавачів " +"даних, зокрема <quote>ldap</quote>, <quote>AD</quote> та <quote>ipa</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" +"RULE_NAME для надавача даних <quote>files</quote>, який намагається знайти " +"запис користувача і такою самою назвою." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 -#, fuzzy -#| msgid "ad_domain (string)" +#: sssd.conf.5.xml:3527 msgid "domains (string)" -msgstr "ad_domain (рядок)" +msgstr "domains (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " "supports subdomains this option can be used to add the rule to subdomains as " "well." msgstr "" +"Список відокремлених комами назв доменів, до яких слід застосовувати " +"правило. Типово, правило стосуватиметься лише домену, який налаштовано у " +"sssd.conf. Якщо для надавача даних передбачено підтримку піддоменів, цей " +"параметр можна використати і для додавання правила до піддоменів." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" -msgstr "" +msgstr "Типове значення: домен, який налаштовано у sssd.conf" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 -#, fuzzy -#| msgid "pam_verbosity (integer)" +#: sssd.conf.5.xml:3542 msgid "priority (integer)" -msgstr "pam_verbosity (ціле число)" +msgstr "priority (ціле число)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " "priority while <quote>4294967295</quote> is the lowest." msgstr "" +"Ціле невід'ємне значення, яке визначає пріоритетність правила. Чим більшим є " +"значення, тим нижчою є пріоритетність. <quote>0</quote> — найвища " +"пріоритетність, а <quote>4294967295</quote> — найнижча." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 -#, fuzzy -#| msgid "Default: homeDirectory" +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" -msgstr "Типове значення: homeDirectory" +msgstr "Типове значення: найнижча пріоритетність" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" +"Щоб спростити налаштовування із зменшити кількість параметрів " +"налаштовування, у надавачі даних <quote>files</quote> передбачено декілька " +"спеціальних властивостей:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" +"якщо не встановлено maprule, припускається, що значенням RULE_NAME є назва " +"відповідного облікового запису користувача" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " "<quote>(username)</quote> or <quote>({subject_rfc822_name.short_name})</" "quote>" msgstr "" +"якщо maprule використовує обидва, назву облікового запису окремого " +"користувача або шаблон, подібний до <quote>{назва_об'єкта_rfc822." +"коротка_назва}</quote>, слід брати у дужки, наприклад <quote>(користувач)</" +"quote> або <quote>({назва_об'єкта_rfc822.коротка_назва})</quote>" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" +msgstr "параметр <quote>domains</quote> буде проігноровано" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3586 +#, fuzzy +#| msgid "CONFIGURATION OPTIONS" +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "ПАРАМЕТРИ НАЛАШТУВАННЯ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +#, fuzzy +#| msgid "password" +msgid "password_prompt" +msgstr "password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +#, fuzzy +#| msgid "" +#| "The available options are: <placeholder type=\"variablelist\" id=\"0\"/>" +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "Доступні варіанти: <placeholder type=\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +#, fuzzy +#| msgid "" +#| "The available options are: <placeholder type=\"variablelist\" id=\"0\"/>" +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "Доступні варіанти: <placeholder type=\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +#, fuzzy +#| msgid "" +#| "These options are supported by LDAP domains, but they should be used with " +#| "caution. Please include them in your configuration only if you know what " +#| "you are doing. <placeholder type=\"variablelist\" id=\"0\"/> " +#| "<placeholder type=\"variablelist\" id=\"1\"/>" +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" +"Підтримку цих параметрів передбачено доменами LDAP, але користуватися ними " +"слід обережно. Будь ласка, використовуйте їх у налаштуваннях, лише якщо вам " +"відомі наслідки ваших дій. <placeholder type=\"variablelist\" id=\"0\"/> " +"<placeholder type=\"variablelist\" id=\"1\"/>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "ПРИКЛАДИ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -5165,7 +5411,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5178,7 +5424,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5188,7 +5434,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5205,7 +5451,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5217,9 +5463,17 @@ msgid "" "[certmap/files/myname]\n" "matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$<SUBJECT>^CN=User.Name,DC=MY,DC=DOMAIN$\n" msgstr "" +"[certmap/my.domain/rule_name]\n" +"matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$\n" +"maprule = (userCertificate;binary={cert!bin})\n" +"domains = my.domain, your.domain\n" +"priority = 10\n" +"\n" +"[certmap/files/myname]\n" +"matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$<SUBJECT>^CN=User.Name,DC=MY,DC=DOMAIN$\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -5229,6 +5483,14 @@ msgid "" "for this domain and contains a matching rule for the local user " "<quote>myname</quote>. <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +"3. У наведеному нижче прикладі показано налаштування для двох правил " +"пов'язування сертифікатів. Перше є чинним для налаштованого домену <quote>my." +"domain</quote> і, додатково, для піддоменів <quote>your.domain</quote> і " +"використовує повний сертифікат у фільтрі пошуку. Другий приклад є чинним для " +"домену <quote>files</quote>, де припускається, що для цього домену " +"використовується засіб надання даних файлів, і містить правило відповідності " +"для локального користувача <quote>myname</quote>. <placeholder type=" +"\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 @@ -5404,7 +5666,7 @@ msgstr "" "специфікації http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Приклади:" @@ -5523,53 +5785,98 @@ msgstr "Типове значення: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "У поточній версії передбачено підтримку чотирьох типів схем:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Типове значення: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "Типова назва домену прив’язки, яку слід використовувати для виконання дій " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "Тип розпізнавання для типової назви сервера прив’язки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "У поточній версії передбачено підтримку двох механізмів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Типове значення: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -5578,72 +5885,72 @@ msgstr "" "передбачено підтримку лише паролів у форматі звичайного тексту." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "Клас об’єктів запису користувача у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Типове значення: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "Атрибут LDAP, що відповідає назві облікового запису користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "Типове значення: uid (rfc2307, rfc2307bis і IPA), sAMAccountName (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "Атрибут LDAP, що відповідає ідентифікатору користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "Типове значення: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Типове значення: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "ldap_user_primary_group (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -5655,68 +5962,68 @@ msgstr "" "до ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "Типове значення: unset (LDAP), primaryGroupID (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "Атрибут LDAP, що відповідає полю gecos користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Типове значення: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "Атрибут LDAP, що містить назву домашнього каталогу користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Типове значення: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "Атрибут LDAP, що містить шлях до типової командної оболонки користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Типове значення: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "ldap_user_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта користувача LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -5725,12 +6032,12 @@ msgstr "" "ipaUniqueID для IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -5739,19 +6046,19 @@ msgstr "" "потрібен лише для серверів ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" "Типове значення: objectSid для ActiveDirectory, не встановлено для інших " "серверів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -5760,17 +6067,17 @@ msgstr "" "об’єкта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "Типове значення: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5783,17 +6090,17 @@ msgstr "" "citerefentry> (дати останньої зміни пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Типове значення: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5806,17 +6113,17 @@ msgstr "" "citerefentry> (мінімального віку пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Типове значення: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5829,17 +6136,17 @@ msgstr "" "citerefentry> (максимального віку пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Типове значення: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5852,17 +6159,17 @@ msgstr "" "citerefentry> (проміжку попередження щодо пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Типове значення: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5875,17 +6182,17 @@ msgstr "" "citerefentry> (тривалості періоду невикористання пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Типове значення: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5899,17 +6206,17 @@ msgstr "" "строку дії пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Типове значення: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5920,17 +6227,17 @@ msgstr "" "у kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Типове значення: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5940,17 +6247,17 @@ msgstr "" "поточного пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Типове значення: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -5960,17 +6267,17 @@ msgstr "" "облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Типове значення: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5980,17 +6287,17 @@ msgstr "" "облікового запису користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Типове значення: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5999,17 +6306,17 @@ msgstr "" "цей параметр визначає, заборонено чи дозволено доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "Типове значення: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -6018,17 +6325,17 @@ msgstr "" "чи заборонено доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Типове значення: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -6037,12 +6344,12 @@ msgstr "" "якої надано доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -6051,17 +6358,17 @@ msgstr "" "тижня, коли надається доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Типове значення: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -6069,17 +6376,17 @@ msgstr "" "Атрибут LDAP, що містить Kerberos User Principal Name (UPN) користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Типове значення: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -6088,7 +6395,7 @@ msgstr "" "звичайним набором атрибутів запису користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -6103,7 +6410,7 @@ msgstr "" "де налаштовано декілька доменів SSSD з різними схемами LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -6114,12 +6421,12 @@ msgstr "" "назв атрибутів використано як назву додаткового атрибута." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." @@ -6127,39 +6434,39 @@ msgstr "" "Зберегти атрибут «telephoneNumber» з LDAP як «telephoneNumber» до кешу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "Зберегти атрибут «telephoneNumber» з LDAP як «phone» до кешу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "Атрибут LDAP, який містить відкриті ключі SSH користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "Типове значення: sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -6173,12 +6480,12 @@ msgstr "" "області у верхньому регістрі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -6187,12 +6494,12 @@ msgstr "" "свого кешу нумерованих записів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -6203,7 +6510,7 @@ msgstr "" "цих записів з метою економії місця." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -6217,43 +6524,43 @@ msgstr "" "кожні 3 години." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "Атрибут LDAP, що відповідає повному імені користувача." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "Типове значення: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "Атрибут LDAP зі списком груп, у яких бере участь користувач." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "Типове значення: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -6264,7 +6571,7 @@ msgstr "" "LDAP для визначення прав доступу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -6273,7 +6580,7 @@ msgstr "" "(svc) і нарешті загальні дозволи або allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -6284,17 +6591,17 @@ msgstr "" "система змогла скористатися параметром ldap_user_authorized_service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Типове значення: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -6305,7 +6612,7 @@ msgstr "" "доступу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -6314,7 +6621,7 @@ msgstr "" "(host) і нарешті загальні дозволи або allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -6325,17 +6632,17 @@ msgstr "" "скористатися параметром ldap_user_authorized_host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Типове значення: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "ldap_user_authorized_rhost (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -6346,7 +6653,7 @@ msgstr "" "доступу. Те саме стосується і процесу перевірки вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." @@ -6355,7 +6662,7 @@ msgstr "" "(rhost) і нарешті загальні дозволи або allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -6366,38 +6673,38 @@ msgstr "" "скористатися параметром ldap_user_authorized_rhost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "Типове значення: rhost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "ldap_user_certificate (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "Назва атрибута LDAP, що містить сертифікат X509 користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "Типове значення: userCertificate;binary" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "ldap_user_email (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" "Назва атрибута LDAP, який містить адресу електронної пошти користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -6413,82 +6720,82 @@ msgstr "" "вхід до системи за адресою електронної пошти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "Типове значення: mail" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "Клас об’єктів запису групи у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Типове значення: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "Атрибут LDAP, що відповідає назві групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "Типове значення: cn (rfc2307, rfc2307bis і IPA), sAMAccountName (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "Атрибут LDAP, що відповідає ідентифікатору групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "Атрибут LDAP, у якому містяться імена учасників групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Типове значення: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта групи LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -6497,17 +6804,17 @@ msgstr "" "лише для серверів ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -6516,7 +6823,7 @@ msgstr "" "можливо, інші прапорці." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -6527,19 +6834,19 @@ msgstr "" "відфільтровано у списку надійних (довірених) доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" "Типове значення: groupType у засобі надання даних AD, у інших засобах не " "встановлено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "ldap_group_external_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." @@ -6549,19 +6856,19 @@ msgstr "" "записів учасників IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" "Типове значення: ipaExternalMember у засобі надання даних IPA, у інших " "засобах не визначено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6573,7 +6880,7 @@ msgstr "" "параметра буде проігноровано, якщо використано схему RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6589,7 +6896,7 @@ msgstr "" "початкового пошуку, якщо запити щодо пошуку надходять повторно." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6605,12 +6912,12 @@ msgstr "" "обмеження вкладеності у групах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Типове значення: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6620,168 +6927,168 @@ msgstr "" "Directory Server 2008 та новіших версій." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "Типове значення: True для AD і IPA, інакше False." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "Клас об’єктів запису мережевої групи (netgroup) у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_object_class." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "Типове значення: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "Атрибут LDAP, що відповідає назві мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_name." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "Атрибут LDAP, у якому містяться імена учасників мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_member." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "Типове значення: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "Атрибут LDAP, що містить трійки мережевої групи (вузол, користувач, домен)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "Цим параметром не можна скористатися у надавачі даних IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "Типове значення: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "ldap_host_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "Клас об’єктів запису вузла у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "Типове значення: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "ldap_host_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "Атрибут LDAP, що відповідає назві вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "ldap_host_fqdn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "Атрибут LDAP, що відповідає повній назві вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "Типове значення: fqdn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "ldap_host_serverhostname (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "Типове значення: serverHostname" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "ldap_host_member_of (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "Атрибут LDAP зі списком груп, у яких бере участь вузол." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "ldap_host_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6791,47 +7098,47 @@ msgstr "" "налаштування декількох основ пошуку." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "ldap_host_ssh_public_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "Атрибут LDAP, який містить відкриті ключі SSH вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "ldap_host_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта вузла LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "Клас об’єктів запису служби у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "ldap_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -6839,48 +7146,48 @@ msgstr "" "Атрибут LDAP, що містить назву атрибутів служби та замінників цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "ldap_service_port (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "Атрибут LDAP, що містить номер порту, яким керує ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "Типове значення: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "Атрибут LDAP, що містить протоколи, за яким може працювати ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "Типове значення: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6891,7 +7198,7 @@ msgstr "" "автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6902,12 +7209,12 @@ msgstr "" "окремих типів пошуків." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6918,12 +7225,12 @@ msgstr "" "кешованих даних (і переходом до автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6940,12 +7247,12 @@ msgstr "" "citerefentry> повертається до стану бездіяльності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6959,12 +7266,12 @@ msgstr "" "розширеної операції зі зміни пароля та дії StartTLS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6978,17 +7285,17 @@ msgstr "" "дії TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "Типове значення: 900 (15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6998,17 +7305,17 @@ msgstr "" "один запит." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "Типове значення: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -7019,7 +7326,7 @@ msgstr "" "RootDSE, але цю підтримку не увімкнено або вона не працює належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -7029,7 +7336,7 @@ msgstr "" "підтримкою не можна скористатися." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -7040,17 +7347,17 @@ msgstr "" "це може призвести до відмови у виконанні запитів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "Вимкнути отримання діапазону Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -7066,12 +7373,12 @@ msgstr "" "буде представлено як такі, у яких немає учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -7082,19 +7389,19 @@ msgstr "" "параметра визначається OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Типове значення: типове для системи значення (зазвичай, визначається у ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -7106,15 +7413,18 @@ msgstr "" "виконуватиметься окремо." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" -"Ви можете повністю вимкнути пошуки з отриманням значення об’єкта " -"(розіменуванням), якщо вкажете значення 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -7127,7 +7437,7 @@ msgstr "" "OpenLDAP та Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -7138,12 +7448,12 @@ msgstr "" "незалежно від використання цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -7153,7 +7463,7 @@ msgstr "" "таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -7162,7 +7472,7 @@ msgstr "" "жодних сертифікатів сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7174,7 +7484,7 @@ msgstr "" "режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7185,7 +7495,7 @@ msgstr "" "надано помилковий сертифікат, негайно перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -7196,22 +7506,22 @@ msgstr "" "перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "Типове значення: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -7220,7 +7530,7 @@ msgstr "" "розпізнаються <command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -7229,12 +7539,12 @@ msgstr "" "у <filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -7247,32 +7557,32 @@ msgstr "" "<command>cacertdir_rehash</command>, якщо ця програма є доступною." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Визначає файл, який містить сертифікат для ключа клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "Визначає файл, у якому міститься ключ клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -7284,12 +7594,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -7298,12 +7608,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> для захисту каналу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -7315,19 +7625,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "У поточній версії у цій можливості передбачено підтримку лише встановлення " "відповідності objectSID у ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -7347,32 +7657,47 @@ msgstr "" "ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" "Типове значення: не встановлено (обидва параметри встановлено у значення 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 +#, fuzzy +#| msgid "" +#| "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +#| "supported." msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." msgstr "" "Визначає механізм SASL, який слід використовувати. У поточній версії " "перевірено і підтримується лише механізм GSSAPI." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -7383,44 +7708,55 @@ msgid "" "host/*\n" " " msgstr "" +"hostname@REALM\n" +"netbiosname$@REALM\n" +"host/hostname@REALM\n" +"*$@REALM\n" +"host/*@REALM\n" +"host/*\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 #, fuzzy #| msgid "" #| "Specify the SASL authorization id to use. When GSSAPI is used, this " #| "represents the Kerberos principal used for authentication to the " #| "directory. This option can either contain the full principal (for " #| "example host/myhost@EXAMPLE.COM) or just the principal name (for example " -#| "host/myhost)." -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." -msgstr "" -"Визначає ідентифікатор уповноваження SASL, який слід використовувати. Якщо " -"використано GSSAPI, відповідає реєстраційному запису Kerberos, який " -"використовується для розпізнавання під час доступу до каталогу. У цьому " -"параметрів можуть зберігатися або реєстраційні дані повністю (наприклад host/" -"myhost@EXAMPLE.COM) або лише назва реєстраційного запису (наприклад host/" -"myhost)." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#| "host/myhost). By default, the value is not set and the following " +#| "principals are used: <placeholder type=\"programlisting\" id=\"0\"/> If " +#| "none of them are found, the first principal in keytab is returned." +msgid "" +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." +msgstr "" +"Визначає ідентифікатор уповноваження SASL, яким слід скористатися. Якщо " +"використовується GSSAPI, цим ідентифікатором є реєстраційні дані Kerberos, " +"які використовуються для розпізнавання при доступі до каталогу. Цей параметр " +"може містити або повні реєстраційні дані (наприклад host/myhost@EXAMPLE.COM) " +"або просто назву реєстраційного запису (наприклад host/myhost). Типово, " +"значення не встановлено і використовуються такі реєстраційні записи: " +"<placeholder type=\"programlisting\" id=\"0\"/> Якщо жоден з них не буде " +"знайдено, буде повернуто перший реєстраційний запис у таблиці ключів." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -7432,17 +7768,17 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "Типове значення: значення krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -7452,65 +7788,75 @@ msgstr "" "SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "Типове значення: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +#, fuzzy +#| msgid "Specify the keytab to use when using SASL/GSSAPI." +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 +#, fuzzy +#| msgid "" +#| "Specifies that the id_provider should init Kerberos credentials (TGT). " +#| "This action is performed only if SASL is used and the mechanism selected " +#| "is GSSAPI." msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" "Визначає, що id_provider має ініціалізувати реєстраційні дані Kerberos " "(TGT). Цю дію буде виконано, лише якщо використовується SASL і вибрано " "механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +#, fuzzy +#| msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "Визначає строк дії (у секундах) TGT, якщо використовується GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "Типове значення: 86400 (24 години)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -7529,7 +7875,7 @@ msgstr "" "про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -7541,7 +7887,7 @@ msgstr "" "вдасться знайти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7552,29 +7898,31 @@ msgstr "" "варто перейти на використання «krb5_server» у файлах налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +#, fuzzy +#| msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -7584,12 +7932,12 @@ msgstr "" "версії MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7604,7 +7952,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7615,12 +7963,12 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7629,7 +7977,7 @@ msgstr "" "використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7638,7 +7986,7 @@ msgstr "" "разі використання цього варіанта перевірку на боці сервера вимкнено не буде." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -7649,7 +7997,7 @@ msgstr "" "manvolnum></citerefentry> для визначення того, чи чинним є пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7660,7 +8008,7 @@ msgstr "" "скористайтеся chpass_provider=krb5 для оновлення цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -7670,18 +8018,18 @@ msgstr "" "встановленими за допомогою цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7690,7 +8038,7 @@ msgstr "" "з версією OpenLDAP 2.4.13 або новішою версією." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7704,28 +8052,28 @@ msgstr "" "«false» може значно пришвидшити роботу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Визначає назву служби, яку буде використано у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "Типове значення: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7734,17 +8082,17 @@ msgstr "" "уможливлює зміну паролів, у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7753,12 +8101,12 @@ msgstr "" "щодо кількості днів з часу виконання дії зі зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7787,12 +8135,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "Приклад:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7804,7 +8152,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7813,7 +8161,7 @@ msgstr "" "employeeType встановлено у значення «admin»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7827,17 +8175,17 @@ msgstr "" "таких прав не було надано, у автономному режимі їх також не буде надано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "Типове значення: порожній рядок" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7846,7 +8194,7 @@ msgstr "" "керування доступом на боці клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7857,12 +8205,12 @@ msgstr "" "з відповідним кодом помилки, навіть якщо вказано правильний пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "Можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7871,7 +8219,7 @@ msgstr "" "визначити, чи завершено строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7884,7 +8232,7 @@ msgstr "" "Також буде перевірено, чи не вичерпано строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7895,7 +8243,7 @@ msgstr "" "ldap_ns_account_lock." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7908,7 +8256,7 @@ msgstr "" "атрибутів, надати доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7919,24 +8267,24 @@ msgstr "" "користуватися параметром ldap_account_expire_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "ldap_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Список відокремлених комами параметрів керування доступом. Можливі значення " "списку:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7951,7 +8299,7 @@ msgstr "" "для працездатності цієї можливості слід встановити «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -7961,7 +8309,7 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7984,13 +8332,13 @@ msgstr "" "параметра слід встановити значення «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" "<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -8005,7 +8353,7 @@ msgstr "" "наприклад на ключах SSH." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -8020,7 +8368,7 @@ msgstr "" "негайно змінити пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" @@ -8028,7 +8376,7 @@ msgstr "" "від SSSD не надходитиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." @@ -8038,7 +8386,7 @@ msgstr "" "параметра «ldap_pwd_policy» відповідні правила поводження із паролями." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -8047,14 +8395,14 @@ msgstr "" "можливості доступу атрибут authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити " "права доступу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" @@ -8063,7 +8411,7 @@ msgstr "" "того, чи матиме віддалений вузол доступ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" @@ -8073,12 +8421,12 @@ msgstr "" "керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "Типове значення: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -8087,12 +8435,12 @@ msgstr "" "використано декілька разів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -8106,22 +8454,22 @@ msgstr "" "можна буде перевірити належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Приклад: cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Типове значення: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "ldap_deref (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -8130,13 +8478,13 @@ msgstr "" "пошуку. Можливі такі варіанти:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -8146,7 +8494,7 @@ msgstr "" "пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -8155,7 +8503,7 @@ msgstr "" "під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -8164,7 +8512,7 @@ msgstr "" "час пошуку, так і під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -8173,12 +8521,12 @@ msgstr "" "сценарієм <emphasis>never</emphasis>)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -8187,7 +8535,7 @@ msgstr "" "серверів, у яких використовується схема RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -8205,7 +8553,7 @@ msgstr "" "користувачів за допомогою виклику getpw*() або initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -8217,12 +8565,12 @@ msgstr "" "групами LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "wildcard_limit (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -8231,14 +8579,14 @@ msgstr "" "пошуку з використанням символів-замінників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "У поточній версії пошук із використанням символів-замінників передбачено " "лише для відповідача InfoPipe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "Типове значення: 1000 (часто розмір однієї сторінки)" @@ -8258,12 +8606,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "ПАРАМЕТРИ SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -8274,52 +8622,52 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "Клас об’єктів запису правила sudo у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "Типове значення: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "Атрибут LDAP, що відповідає назві правила sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "Атрибут LDAP, що відповідає назві команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "Типове значення: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -8328,17 +8676,17 @@ msgstr "" "вузла, мережевій групі вузла)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "Типове значення: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -8347,32 +8695,32 @@ msgstr "" "або назві мережевої групи користувача)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "Типове значення: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "Атрибут LDAP, що відповідає параметрам sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "Типове значення: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -8381,17 +8729,17 @@ msgstr "" "команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "Типове значення: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -8400,17 +8748,17 @@ msgstr "" "виконувати команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "Типове значення: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -8418,49 +8766,49 @@ msgstr "" "Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "Типове значення: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "Типове значення: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "Атрибут LDAP, що відповідає порядковому номеру правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "Типове значення: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -8470,7 +8818,7 @@ msgstr "" "набір правил, що зберігаються на сервері." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -8479,28 +8827,33 @@ msgstr "" "<emphasis>ldap_sudo_smart_refresh_interval </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "Типове значення: 21600 (6 годин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 +#, fuzzy +#| msgid "" +#| "How many seconds SSSD has to wait before executing a smart refresh of " +#| "sudo rules (which downloads all rules that have USN higher than the " +#| "highest USN of cached rules)." msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" "Проміжок часу у секундах між послідовними кмітливими оновленнями правил sudo " "SSSD у автоматичному режимі. Під час таких оновлень буде отримано всі дані " "правил, USN яких перевищує найбільше значення USN у кешованих правилах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -8508,13 +8861,23 @@ msgstr "" "Якщо підтримки атрибутів USN на сервері не передбачено, буде використано " "дані атрибута modifyTimestamp." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -8524,12 +8887,12 @@ msgstr "" "назв вузлів)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -8538,7 +8901,7 @@ msgstr "" "фільтрування списку правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -8547,8 +8910,8 @@ msgstr "" "назву вузла та повну назву комп’ютера у домені у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -8557,17 +8920,17 @@ msgstr "" "<emphasis>false</emphasis>, цей параметр ні на що не впливатиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "Типове значення: не вказано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -8576,7 +8939,7 @@ msgstr "" "правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -8585,12 +8948,12 @@ msgstr "" "адресу у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -8599,12 +8962,12 @@ msgstr "" "мережеву групу (netgroup) у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -8613,14 +8976,16 @@ msgstr "" "заміни у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" +"Використання символів-замінників є дуже обчислювально вартісною операцією " +"для сервера LDAP!" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -8633,12 +8998,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "ПАРАМЕТРИ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -8647,49 +9012,49 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "Назва основної карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "Типове значення: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" "Типове значення: nisMap (rfc2307, autofs_provider=ad), у інших випадках " "automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "Назва запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" @@ -8697,12 +9062,12 @@ msgstr "" "automountMapName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." @@ -8711,19 +9076,19 @@ msgstr "" "точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" "Типове значення: nisObject (rfc2307, autofs_provider=ad), у інших випадках " "automount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -8732,19 +9097,19 @@ msgstr "" "точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" "Типове значення: cn (rfc2307, autofs_provider=ad), у інших випадках " "automountKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" @@ -8753,7 +9118,7 @@ msgstr "" "automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -8766,32 +9131,32 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "ДОДАТКОВІ ПАРАМЕТРИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8804,22 +9169,22 @@ msgstr "" "груп показуються неправильно." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8832,14 +9197,14 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "ПРИКЛАД" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8850,7 +9215,7 @@ msgstr "" "<replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8870,20 +9235,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "ПРИКЛАД ФІЛЬТРА ДОСТУПУ LDAP" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -8892,7 +9257,7 @@ msgstr "" "чином і використано ldap_access_order=lockout." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8918,13 +9283,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЗАУВАЖЕННЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8948,19 +9313,6 @@ msgstr "модуль PAM для SSSD" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: pam_sss.8.xml:22 -#, fuzzy -#| msgid "" -#| "<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -#| "replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -#| "replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -#| "replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -#| "replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> " -#| "</arg> <arg choice='opt'> <replaceable>ignore_unknown_user</replaceable> " -#| "</arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</" -#| "replaceable> </arg> <arg choice='opt'> <replaceable>domains=X</" -#| "replaceable> </arg> <arg choice='opt'> <replaceable>allow_missing_name</" -#| "replaceable> </arg> <arg choice='opt'> <replaceable>prompt_always</" -#| "replaceable> </arg>" msgid "" "<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" "replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" @@ -8984,7 +9336,9 @@ msgstr "" "arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</replaceable> </" "arg> <arg choice='opt'> <replaceable>domains=X</replaceable> </arg> <arg " "choice='opt'> <replaceable>allow_missing_name</replaceable> </arg> <arg " -"choice='opt'> <replaceable>prompt_always</replaceable> </arg>" +"choice='opt'> <replaceable>prompt_always</replaceable> </arg> <arg " +"choice='opt'> <replaceable>try_cert_auth</replaceable> </arg> <arg " +"choice='opt'> <replaceable>require_cert_auth</replaceable> </arg>" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:64 @@ -9204,19 +9558,28 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:211 -#, fuzzy -#| msgid "<option>use_authtok</option>" msgid "<option>try_cert_auth</option>" -msgstr "<option>use_authtok</option>" +msgstr "<option>try_cert_auth</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:215 +#, fuzzy +#| msgid "" +#| "Try to use certificate based authentication, i.e. authentication with a " +#| "Smartcard or similar devices. If a Smartcard is available and the service " +#| "is allowed for Smartcard authentication the use will be prompted for a " +#| "PIN and the certificate based authentication will continue" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" +"Спробувати скористатися розпізнаванням на основі сертифікатів, тобто " +"розпізнаванням за допомогою смарткартки або подібного пристрою. Якщо " +"доступною є смарткартка і уможливлено розпізнавання за смарткарткою для " +"служби, система надішле запит щодо пін-коду і буде продовжено процедуру " +"розпізнавання за сертифікатом." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:223 @@ -9224,13 +9587,13 @@ msgid "" "If no Smartcard is available or certificate based authentication is not " "allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." msgstr "" +"Якщо смарткартка виявиться недоступною або розпізнавання за сертифікатом " +"буде заборонено для поточної служби, буде повернуто PAM_AUTHINFO_UNAVAIL." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:231 -#, fuzzy -#| msgid "<option>quiet</option>" msgid "<option>require_cert_auth</option>" -msgstr "<option>quiet</option>" +msgstr "<option>require_cert_auth</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:235 @@ -9242,6 +9605,13 @@ msgid "" "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for details." msgstr "" +"Виконати розпізнавання на основі сертифікатів, тобто розпізнавання за " +"допомогою смарткартки або подібного пристрою. Якщо смарткартка виявиться " +"недоступною, система попросить користувача вставити її. SSSD чекатиме на " +"смарткартку, аж доки не завершиться час очікування, визначений переданим " +"значенням p11_wait_for_card_timeout. Див. <citerefentry><refentrytitle>sssd." +"conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>, щоб дізнатися " +"більше." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:245 @@ -9250,6 +9620,9 @@ msgid "" "authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " "is returned." msgstr "" +"Якщо смарткартка виявиться недоступною на момент завершення часу очікування " +"або розпізнавання за сертифікатом буде заборонено для поточної служби, буде " +"повернуто PAM_AUTHINFO_UNAVAIL." #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:255 @@ -9265,13 +9638,22 @@ msgstr "" "Передбачено всі типи модулів (<option>account</option>, <option>auth</" "option>, <option>password</option> і <option>session</option>)." +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "ФАЙЛИ" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -9283,7 +9665,7 @@ msgstr "" "повідомленні, наприклад, можуть міститися настанови щодо скидання пароля." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -9303,7 +9685,7 @@ msgstr "" "іншим користувачам може бути надано лише право читання файлів." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -9335,6 +9717,15 @@ msgid "" "unexpected authentication failures and maybe even account lockings it would " "be good to talk to a single KDC as long as possible." msgstr "" +"Для пошуку KDC для вказаної області Kerberos libkrb5 використовує додаток " +"пошуку Kerberos <command>sssd_krb5_locator_plugin</command>. SSSD надає " +"такий додаток для спрямовування усіх клієнтів Kerberos у системі до єдиного " +"KDC. Загалом, немає значення, з яким KDC клієнт обмінюється даними. Втім, " +"бувають випадки, наприклад, після зміни пароля, коли не усі KDC перебувають " +"в одному стані, оскільки нові дані має бути спочатку відтворено на усіх " +"серверах. Щоб уникнути неочікуваних помилок під час розпізнавання або навіть " +"блокування облікових записів, варто примусово обмежувати обмін даними до " +"одного KDC якомога довше." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:34 @@ -9350,48 +9741,87 @@ msgid "" "plugin. With this the plugin is still called but will provide no data to the " "caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" +"libkrb5 шукатиме додаток пошуку у підкаталозі libkrb5 каталогу додатків " +"Kerberos, див. plugin_base_dir у <citerefentry> <refentrytitle>krb5.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, щоб дізнатися " +"більше. Додаток можна вимкнути лише вилученням файла додатка. У " +"налаштуваннях Kerberos не передбачено пунктів для його вимикання. Втім, для " +"вимикання додатка для окремих команд можна скористатися змінною середовища " +"SSSD_KRB5_LOCATOR_DISABLE. Крім того, можна скористатися параметром SSSD " +"krb5_use_kdcinfo=False з метою заборони створення даних, які потрібні для " +"роботи додатка. Якщо визначити цю змінну, додаток викликатиметься, але не " +"надаватиме дані функції виклику, отже libkrb5 зможе повернутися до інших " +"методів, які визначено у krb5.conf." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:50 +#, fuzzy +#| msgid "" +#| "The plugin reads the information about the KDCs of a given realm from a " +#| "file called <filename>kdcinfo.REALM</filename>. The file should contain " +#| "one or more IP addresses either in dotted-decimal IPv4 notation or the " +#| "hexadecimal IPv6 notation. An optional port number can be added to the " +#| "end separated with a colon, the IPv6 address has to be enclosed in " +#| "squared brackets in this case as usual. Valid entries are:" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" -msgstr "" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" +"Додаток читає дані щодо KDC вказаної області з файла із назвою " +"<filename>kdcinfo.REALM</filename>. Цей файл має містити одну або декілька " +"IP-адрес або у форматі чисел, які відокремлено крапками, IPv4, або у " +"шістнадцятковому форматі IPv6. Можна додати необов'язковий номер порту " +"наприкінці, відокремивши його від решти запису двокрапкою. У цьому випадку, " +"як завжди, адресу IPv6 слід взяти у квадратні дужки. Коректними вважаються " +"такі записи:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" -msgstr "" +msgid "1.2.3.4" +msgstr "1.2.3.4" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "5.6.7.8:99" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "2001:db8:85a3::8a2e:370:7334" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" -msgstr "" +msgstr "[2001:db8:85a3::8a2e:370:7334]:321" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " "this file." msgstr "" +"Надавач даних розпізнавання krb5 SSSD, який використовується також " +"надавачами даних IPA та AD, додає до цього файла адресу поточного KDC або " +"контролера домену, який використовує SSSD." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -9402,9 +9832,19 @@ msgid "" "MIT Kerberos specific master KDC. If the address contains a port number the " "default KDC port 88 will be used for the latter." msgstr "" +"У середовищах із придатними лише для читання або для читання запису KDC, де, " +"як очікується, клієнти використовуватимуть придатні лише для читання " +"екземпляри для виконання загальних завдань і користуватиметься призначеними " +"для запису KDC лише для внесення змін до налаштувань, зокрема зміни паролів, " +"<filename>kpasswdinfo.REALM</filename> також використовується для визначення " +"придатних до читання і запису KDC. Якщо цей файл існує для вказаної області, " +"його вміст буде використано додатком для надання відповідей на запити щодо " +"сервера kpasswd або kadmin чи щодо певного основного KDC MIT Kerberos. Якщо " +"адреса містить номер порту, для останньої мети використовуватиметься типовий " +"порт KDC 88." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -9416,7 +9856,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -9425,7 +9865,7 @@ msgstr "" "SSSD_KRB5_LOCATOR_DEBUG, діагностичні повідомлення надсилатимуться до stderr." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " @@ -9435,6 +9875,23 @@ msgstr "" "SSSD_KRB5_LOCATOR_DISABLE, додаток буде вимкнено і поверне функції виклику " "лише KRB5_PLUGIN_NO_HANDLE." +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +#, fuzzy +#| msgid "" +#| "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " +#| "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " +#| "caller." +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" +"Якщо встановлено будь-яке значення для змінної середовища " +"SSSD_KRB5_LOCATOR_DISABLE, додаток буде вимкнено і поверне функції виклику " +"лише KRB5_PLUGIN_NO_HANDLE." + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -10781,7 +11238,7 @@ msgstr "" "цього вузла. Назву вузла слід вказувати повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "dyndns_update (булеве значення)" @@ -10801,7 +11258,7 @@ msgstr "" "допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -10822,12 +11279,12 @@ msgstr "" "назву, <emphasis>dyndns_update</emphasis>, у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -10854,12 +11311,12 @@ msgid "Default: 1200 (seconds)" msgstr "Типове значення: 1200 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "dyndns_iface (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10892,17 +11349,17 @@ msgstr "" "для з’єднання LDAP IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "Приклад: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "dyndns_auth (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -10913,7 +11370,7 @@ msgstr "" "можна надсилати встановленням для цього параметра значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "Типове значення: GSS-TSIG" @@ -10948,7 +11405,7 @@ msgstr "" "вважатимуться резервними серверами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (ціле число)" @@ -10965,12 +11422,12 @@ msgstr "" "є обов’язкоми, його застосовують, лише якщо dyndns_update має значення true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10994,12 +11451,12 @@ msgid "Default: False (disabled)" msgstr "Типове значення: False (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -11008,17 +11465,17 @@ msgstr "" "даними з сервером DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Типове значення: False (надати змогу nsupdate вибирати протокол)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "dyndns_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." @@ -11028,7 +11485,7 @@ msgstr "" "параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." @@ -11037,7 +11494,7 @@ msgstr "" "DNS відрізняється від сервера профілів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." @@ -11047,24 +11504,24 @@ msgstr "" "невдало." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "Типове значення: немає (надати nsupdate змогу вибирати сервер)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 -#, fuzzy -#| msgid "dyndns_update (boolean)" +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" -msgstr "dyndns_update (булеве значення)" +msgstr "dyndns_update_per_family (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " "in single step." msgstr "" +"Оновлення DNS, типово, виконується у два кроки — оновлення IPv4, а потім " +"оновлення IPv6. Іноді бажаним є виконання оновлення IPv4 і IPv6 за один крок." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:332 @@ -11190,12 +11647,12 @@ msgstr "" "перетворено у основний DN для виконання дій LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." @@ -11204,7 +11661,7 @@ msgstr "" "налаштувань Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." @@ -11213,7 +11670,7 @@ msgstr "" "значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -11238,7 +11695,7 @@ msgstr "" "щодо профілів станції." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "Типове значення: 5 (секунд)" @@ -11583,10 +12040,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:747 -#, fuzzy -#| msgid "TRUSTED DOMAIN SECTION" msgid "TRUSTED DOMAINS CONFIGURATION" -msgstr "РОЗДІЛ ДОВІРЕНИХ ДОМЕНІВ" +msgstr "НАЛАШТОВУВАННЯ ДОВІРЕНИХ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ipa.5.xml:753 @@ -11595,39 +12050,33 @@ msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" "ad_server = dc.ad.domain.com\n" msgstr "" +"[domain/ipa.domain.com/ad.domain.com]\n" +"ad_server = dc.ad.domain.com\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Ці параметри налаштування може бути вказано у розділі налаштування домену, " -"тобто у розділі з назвою <quote>[domain/<replaceable>НАЗВА</replaceable>]</" -"quote> <placeholder type=\"variablelist\" id=\"0\"/>" +"Для довіреного домену можна також встановити деякі параметри налаштовування. " +"Налаштовування довіреного домену можна виконати за допомогою підрозділу, " +"приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:758 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"З докладнішими відомостями щодо параметра «dns_discovery_domain» можна " -"ознайомитися на сторінці підручника (man) <citerefentry> <refentrytitle>sssd." -"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." +"Крім того, деякі параметри можна встановити у батьківському домені і " +"успадкувати для довіреного домену за допомогою параметра " +"<quote>subdomain_inherit</quote>. Щоб дізнатися більше, ознайомтеся зі " +"сторінкою підручника <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:768 @@ -11635,70 +12084,61 @@ msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" +"Перелік параметрів налаштовування для довіреного домену залежить від того, " +"як ви налаштували SSSD на сервері IPA або клієнт IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:773 msgid "OPTIONS TUNABLE ON IPA MASTERS" -msgstr "" +msgstr "ПАРАМЕТРИ, ЯКІ МОЖНА НАЛАШТУВАТИ НА ОСНОВНИХ СЕРВЕРАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:775 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" +"У розділі піддомену на основному сервері IPA можна вказати такі параметри:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 -#, fuzzy -#| msgid "ad_server," msgid "ad_server" -msgstr "ad_server," +msgstr "ad_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:782 -#, fuzzy -#| msgid "ad_backup_server," msgid "ad_backup_server" -msgstr "ad_backup_server," +msgstr "ad_backup_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 -#, fuzzy -#| msgid "ad_site," msgid "ad_site" -msgstr "ad_site," +msgstr "ad_site" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:788 -#, fuzzy -#| msgid "ldap_search_base," msgid "ldap_search_base" -msgstr "ldap_search_base," +msgstr "ldap_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:791 -#, fuzzy -#| msgid "ldap_user_search_base," msgid "ldap_user_search_base" -msgstr "ldap_user_search_base," +msgstr "ldap_user_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:794 -#, fuzzy -#| msgid "ldap_group_search_base," msgid "ldap_group_search_base" -msgstr "ldap_group_search_base," +msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:803 msgid "OPTIONS TUNABLE ON IPA CLIENTS" -msgstr "" +msgstr "ПАРАМЕТРИ, ЯКІ МОЖНА НАЛАШТУВАТИ НА КЛІЄНТАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:805 msgid "" "The following options can be set in a subdomain section on an IPA client:" -msgstr "" +msgstr "У розділі піддомену на клієнті IPA можна вказати такі параметри:" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:817 @@ -11706,6 +12146,8 @@ msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" +"Зауважте, що якщо встановлено обидва параметри, буде враховано лише " +"<quote>ad_server</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:821 @@ -11720,6 +12162,15 @@ msgid "" "<manvolnum>8</manvolnum> </citerefentry> manual page for more details on the " "Kerberos locator plugin." msgstr "" +"Оскільки будь-який запит щодо ідентифікації користувача або групи від " +"довіреного домену, який започатковано клієнтом IPA, обробляється сервером " +"IPA, параметри <quote>ad_server</quote> і <quote>ad_site</quote> впливають " +"лише на те, який з DC AD виконуватиме процедуру розпізнавання. Зокрема, " +"адреси, які визначено за цими списками, буде записано до файлів " +"<quote>kdcinfo</quote>, читання яких виконуватиметься додатком пошуку " +"Kerberos. Будь ласка, зверніться до сторінки підручника щодо <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку Kerberos." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:845 @@ -12367,10 +12818,8 @@ msgstr "Типове значення: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -#, fuzzy -#| msgid "ad_gpo_map_deny (string)" msgid "ad_gpo_implicit_deny (boolean)" -msgstr "ad_gpo_map_deny (рядок)" +msgstr "ad_gpo_implicit_deny (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 @@ -12382,14 +12831,39 @@ msgid "" "because it can deny access even to users in the built-in Administrators " "group if no GPO rules apply to them." msgstr "" +"Зазвичай, якщо не буде знайдено відповідних GPO, користувачам буде надано " +"доступ. Якщо для цього параметра встановлено значення True, доступ " +"користувачам надаватиметься, лише якщо його явним чином дозволено правилом " +"GPO. Якщо ж такого дозвільного правила не буде виявлено, доступ буде " +"заборонено. Цим можна скористатися для підвищення рівня захисту, але слід " +"бути обережним із використанням цього параметра, оскільки за його допомогою " +"можна заборонити доступ навіть користувачам у вбудованій групі " +"Administrators, якщо немає правил GPO, якими надається такий доступ." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:441 +#, fuzzy +#| msgid "ad_enable_gc (boolean)" +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "ad_enable_gc (булеве значення)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -12400,12 +12874,12 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -12416,7 +12890,7 @@ msgstr "" "InteractiveLogonRight і DenyInteractiveLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." @@ -12426,7 +12900,7 @@ msgstr "" "вхід» («Deny log on locally»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -12436,7 +12910,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12455,42 +12929,42 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "gdm-fingerprint" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "lightdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "lxdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "sddm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "unity" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "xdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -12501,7 +12975,7 @@ msgstr "" "DenyRemoteInteractiveLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -12513,7 +12987,7 @@ msgstr "" "служб віддаленої стільниці» («Deny log on through Remote Desktop Services»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -12523,7 +12997,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12542,22 +13016,22 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "sshd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "cockpit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -12568,7 +13042,7 @@ msgstr "" "DenyNetworkLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -12580,7 +13054,7 @@ msgstr "" "мережі» (Deny access to this computer from the network»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -12590,7 +13064,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12609,22 +13083,22 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "ftp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "samba" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -12635,7 +13109,7 @@ msgstr "" "DenyBatchLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." @@ -12645,7 +13119,7 @@ msgstr "" "job») і «Заборонити вхід як пакетне завдання» («Deny log on as a batch job»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -12655,7 +13129,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12674,23 +13148,24 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" +"Зауваження: назва служби cron у різних дистрибутивах Linux може бути різною." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "crond" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -12701,7 +13176,7 @@ msgstr "" "DenyServiceLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." @@ -12711,7 +13186,7 @@ msgstr "" "«Заборонити вхід як службу» («Deny log on as a service»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -12721,7 +13196,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -12738,12 +13213,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." @@ -12752,7 +13227,7 @@ msgstr "" "основі GPO, незалежно від будь-яких прав входу GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -12762,7 +13237,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12781,22 +13256,22 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "polkit-1" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "systemd-user" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." @@ -12805,7 +13280,7 @@ msgstr "" "на основі GPO, незалежно від будь-яких прав входу GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -12815,12 +13290,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -12842,57 +13317,57 @@ msgstr "" "забороняла доступ для непов’язаних назв служб PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "Передбачені значення для цього параметра:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "remote_interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "network" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "batch" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "service" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "permit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "Типове значення: deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "ad_maximum_machine_account_password_age (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -12903,17 +13378,17 @@ msgstr "" "Значення 0 вимкне спроби оновлення." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "Типове значення: 30 днів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "ad_machine_account_password_renewal_opts (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -12928,12 +13403,12 @@ msgstr "" "— визначає початковий час очікування на перший запуск завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "Типове значення: 86400:750 (24 годин і 15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -12950,12 +13425,12 @@ msgstr "" "якщо цю адресу не було змінено за допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "Типове значення: 3600 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" @@ -12964,7 +13439,7 @@ msgstr "" "для з’єднання LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -12981,12 +13456,12 @@ msgstr "" "значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Типове значення: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -12997,7 +13472,7 @@ msgstr "" "У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -13021,7 +13496,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -13033,7 +13508,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -13045,7 +13520,7 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -13060,7 +13535,7 @@ msgstr "" "шифрування) вручну." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -13420,7 +13895,7 @@ msgstr "" "також систему придатних для під’єднання модулів для встановлення з’єднання з " "декількома різними джерелами даних щодо облікових записів та інтерфейс D-" "Bus. <command>SSSD</command> також є основою для систем перевірки " -"клієнтських систем та служб обслуговування правил доступу для проектів, " +"клієнтських систем та служб обслуговування правил доступу для проєктів, " "подібних до FreeIPA. <command>SSSD</command> надає стійкішу базу даних для " "збереження записів локальних користувачів, а також додаткових даних щодо " "користувачів." @@ -13582,10 +14057,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "<option>-c</option>,<option>--config</option>" msgid "<option>-g</option>,<option>--genconf</option>" -msgstr "<option>-c</option>,<option>--config</option>" +msgstr "<option>-g</option>,<option>--genconf</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -13593,13 +14066,13 @@ msgid "" "Do not start the SSSD, but refresh the configuration database from the " "contents of <filename>/etc/sssd/sssd.conf</filename> and exit." msgstr "" +"Не запускати SSSD, а лише оновити базу даних налаштувань на основі вмісту " +"<filename>/etc/sssd/sssd.conf</filename> і завершити роботу." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "<option>-s</option>,<option>--stdin</option>" msgid "<option>-s</option>,<option>--genconf-section</option>" -msgstr "<option>-s</option>,<option>--stdin</option>" +msgstr "<option>-s</option>,<option>--genconf-section</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -13609,6 +14082,11 @@ msgid "" "systemd unit files to allow socket-activated responders to refresh their " "configuration without requiring the administrator to restart the whole SSSD." msgstr "" +"Подібний до <quote>--genconf</quote>, але наказує програмі освіжити лише " +"окремий розділу на основі файла налаштувань. Цей параметр корисний, в " +"основному, для виклику з файлів модулів systemd з метою дозволити " +"відповідачам, які активуються з сокетів, освіжати налаштування без потреби у " +"перезапуску адміністратором усього SSSD." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:197 @@ -14969,11 +15447,67 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 +#, fuzzy +#| msgid "krb5_confd_path (string)" +msgid "krb5_kdcinfo_lookahead (string)" +msgstr "krb5_confd_path (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:508 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" +"Див. сторінку підручника (man) <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" +"Див. сторінку підручника (man) <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "Типове значення: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:508 +#: sssd-krb5.5.xml:542 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -14983,12 +15517,12 @@ msgstr "" "реєстраційні дані." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "Типове значення: false (надається AD: true)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -14999,12 +15533,12 @@ msgstr "" "параметр на встановлено явним чином у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "krb5_map_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -15018,7 +15552,7 @@ msgstr "" "користувач проходить розпізнавання із використанням «auth_provider = krb5»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -15028,7 +15562,7 @@ msgstr "" "krb5_map_user = joe:juser,dick:richard\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -15058,7 +15592,7 @@ msgstr "" "про налаштування домену SSSD. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -15071,7 +15605,7 @@ msgstr "" "Kerberos, там не вказано інструменту обробки профілів." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -16552,21 +17086,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-k</option>,<option>--kick</option>" msgid "<option>-k</option>,<option>--pubkey</option>" -msgstr "<option>-k</option>,<option>--kick</option>" +msgstr "<option>-k</option>,<option>--pubkey</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." -msgstr "" -"Шукати відкриті ключі вузлів у домені SSSD <replaceable>ДОМЕН</replaceable>." +msgstr "Вивести відкриті ключі SSH для вузла <replaceable>HOST</replaceable>." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -16616,15 +17143,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><programlisting> #: idmap_sss.8.xml:50 -#, fuzzy, no-wrap -#| msgid "" -#| "[global]\n" -#| "security = domain\n" -#| "workgroup = MAIN\n" -#| "\n" -#| "idmap config * : backend = sss\n" -#| "idmap config * : range = 200000-2147483647\n" -#| " " +#, no-wrap msgid "" "[global]\n" "security = ads\n" @@ -16638,11 +17157,14 @@ msgid "" " " msgstr "" "[global]\n" -"security = domain\n" -"workgroup = MAIN\n" +"security = ads\n" +"workgroup = <AD-DOMAIN-SHORTNAME>\n" "\n" -"idmap config * : backend = sss\n" -"idmap config * : range = 200000-2147483647\n" +"idmap config <AD-DOMAIN-SHORTNAME> : backend = sss\n" +"idmap config <AD-DOMAIN-SHORTNAME> : range = 200000-2147483647\n" +"\n" +"idmap config * : backend = tdb\n" +"idmap config * : range = 100000-199999\n" " " #. type: Content of: <reference><refentry><refsect1><para> @@ -16653,6 +17175,10 @@ msgid "" "<literal>idmap config</literal> line with <literal>backend = sss</literal> " "and a line with a suitable <literal>range</literal>." msgstr "" +"Будь ласка, замініть <AD-DOMAIN-SHORTNAME> на назву домену у NetBIOS " +"домену AD. Якщо має бути використано декілька доменів AD, для кожного домену " +"потрібен рядок <literal>idmap config</literal> із <literal>backend = sss</" +"literal> і рядок із відповідним <literal>range</literal>." #. type: Content of: <reference><refentry><refsect1><para> #: idmap_sss.8.xml:69 @@ -16660,6 +17186,9 @@ msgid "" "Since Winbind requires a writeable default backend and idmap_sss is read-" "only the example includes <literal>backend = tdb</literal> as default." msgstr "" +"Оскільки для Winbind потрібен придатний до запису типовий модуль, а " +"idmap_sss є придатним лише для читання, до прикладу включено як типовий " +"модуль <literal>backend = tdb</literal>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssctl.8.xml:10 sssctl.8.xml:15 @@ -16761,23 +17290,21 @@ msgstr "" msgid "" "Another reason is to provide efficient caching of local users and groups." msgstr "" +"Іншою причиною може бути потреба у забезпеченні ефективного кешування даних " +"локальних користувачів і груп." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:58 -#, fuzzy -#| msgid "" -#| "The detailed instructions for configuration of sudo_provider are in the " -#| "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry>." msgid "" "Please note that some distributions enable the files domain automatically, " "prepending the domain before any explicitly configured domains. See " "enable_files_domain in <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" -"Докладні настанов щодо налаштовування sudo_provider можна знайти на сторінці " -"довідника (man) <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry>." +"Будь ласка, зауважте, що у деяких дистрибутивах домен files увімкнено " +"автоматично, оскільки цей домен додано до будь-якого із явно визначених " +"доменів. Див. enable_files_domain у <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:67 @@ -16786,6 +17313,9 @@ msgid "" "GID 0 is not handled by SSSD. Such requests are passed to next NSS module " "(usually files)." msgstr "" +"SSSD ніколи не виконує визначення для користувача або групи «root». Крім " +"того, SSSD не обробляє запити щодо визначення UID/GID 0. Такі запити " +"передаються наступному модулю NSS (зазвичай, files)." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:72 @@ -16793,6 +17323,8 @@ msgid "" "When SSSD is not running or responding, nss_sss returns the UNAVAIL code " "which causes the request to be passed to the next module." msgstr "" +"Якщо SSSD не запущено або програма не відповідає, nss_sss повертає код " +"UNAVAIL, що спричиняє передавання запиту наступному модулю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:96 @@ -16840,14 +17372,6 @@ msgstr "Типове значення: /etc/group" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:80 -#, fuzzy -#| msgid "" -#| "In addition to the options listed below, generic SSSD domain options can " -#| "be set where applicable. Refer to the section <quote>DOMAIN SECTIONS</" -#| "quote> of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for details on the " -#| "configuration of an SSSD domain. <placeholder type=\"variablelist\" id=" -#| "\"0\"/>" msgid "" "In addition to the options listed below, generic SSSD domain options can be " "set where applicable. Refer to the section <quote>DOMAIN SECTIONS</quote> " @@ -16860,13 +17384,18 @@ msgid "" "no effect on the files domain unless explicitly specified per-domain. " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Окрім параметрів із наведеного нижче списку, засіб надання даних файлів не " -"має власних специфічних параметрів. Втім, можна використовувати загальні " -"параметри доменів SSSD там, де це є доречним. Зверніться до розділу «РОЗДІЛИ " -"ДОМЕНІВ» сторінки довідника (man) <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, щоб дізнатися " -"більше про налаштування домену SSSD. <placeholder type=\"variablelist\" id=" -"\"0\"/>" +"Окрім параметрів із наведеного нижче списку, можна встановлювати, де це є " +"відповідним, загальні параметри домену SSSD. Зверніться до розділу " +"<quote>РОЗДІЛИ ДОМЕНІВ</quote> сторінки підручника <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>, щоб дізнатися більше про налаштовування домені SSSD. Втім, " +"призначенням надавача даних files є надання тих самих даних, які " +"встановлюються для файлів UNIX, просто за допомогою інтерфейсів SSSD. Тому " +"передбачено підтримку не усіх загальних параметрів доменів. Так само, деякі " +"загальні параметри, зокрема перевизначення командної оболонки у розділі " +"<quote>nss</quote> для усіх доменів, ні на що не впливають у домені files, " +"якщо їх не вказано явним чином для окремих доменів. <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:132 @@ -16894,6 +17423,9 @@ msgid "" "To leverage caching of local users and groups by SSSD nss_sss module must be " "listed before nss_files module in /etc/nsswitch.conf." msgstr "" +"Для балансування кешування даних локальних користувачів та груп у SSSD " +"модуль nss_sss має перебувати у списку файла /etc/nsswitch.conf вище за " +"модуль nss_files." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-files.5.xml:149 @@ -16902,6 +17434,8 @@ msgid "" "passwd: sss files\n" "group: sss files\n" msgstr "" +"passwd: sss files\n" +"group: sss files\n" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-secrets.5.xml:10 sssd-secrets.5.xml:16 @@ -16958,7 +17492,7 @@ msgid "" "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" -"Проект <ulink url=\"https://github.com/latchset/custodia\">custodia</ulink> " +"Проєкт <ulink url=\"https://github.com/latchset/custodia\">custodia</ulink> " "було створено для урегулювання цієї проблеми у хмароподібних середовищах, " "але нам ця ідея здалася вартою уваги навіть на рівні окремої ізольованої " "системи. Як служба захисту, SSSD є ідеальним місцем для реалізації такої " @@ -18039,7 +18573,7 @@ msgstr "" "На цій сторінці підручника описано налаштування засобу керування кешем " "Kerberos SSSD (Kerberos Cache Manager або KCM). KCM є процесом, який " "зберігає, стежить і керує кешем реєстраційних даних Kerberos. Ідея створення " -"засобу походить із проекту Heimdal Kerberos, хоча у бібліотеці Kerberos MIT " +"засобу походить із проєкту Heimdal Kerberos, хоча у бібліотеці Kerberos MIT " "також надається підтримка з боку клієнта для кешу реєстраційних даних KCM " "(докладніше про це нижче)." @@ -18214,11 +18748,14 @@ msgid "" "or group entries. The database is typically located at <quote>/var/lib/sss/" "secrets</quote>." msgstr "" +"Кеші реєстраційних даних зберігаються у базі даних, дуже подібно до кешів " +"записів користувачів і груп SSSD. Типово, база даних зберігається у <quote>/" +"var/lib/sss/secrets</quote>." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-kcm.8.xml:131 msgid "OBTAINING DEBUG LOGS" -msgstr "" +msgstr "ОТРИМАННЯ ДІАГНОСТИЧНОГО ЖУРНАЛУ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-kcm.8.xml:142 @@ -18228,20 +18765,18 @@ msgid "" "debug_level = 10\n" " " msgstr "" +"[kcm]\n" +"debug_level = 10\n" +" " #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-kcm.8.xml:147 -#, fuzzy, no-wrap -#| msgid "" -#| "systemctl start sssd-kcm.socket\n" -#| "systemctl enable sssd-kcm.socket\n" -#| " " +#, no-wrap msgid "" "systemctl restart sssd-kcm.service\n" " " msgstr "" -"systemctl start sssd-kcm.socket\n" -"systemctl enable sssd-kcm.socket\n" +"systemctl restart sssd-kcm.service\n" " " #. type: Content of: <reference><refentry><refsect1><para> @@ -18259,6 +18794,18 @@ msgid "" "logs when you no longer need the debugging to be enabled as the sssd-kcm " "service can generate quite a large amount of debugging information." msgstr "" +"Типово, служба sssd-kcm активує крізь сокет <citerefentry> " +"<refentrytitle>systemd</refentrytitle> <manvolnum>1</manvolnum> </" +"citerefentry>. Для створення діагностичних журналів додайте вказані нижче " +"рядки або безпосередньо до файла <filename>/etc/sssd/sssd.conf</filename>, " +"або як фрагмент налаштувань до каталогу <filename>/etc/sssd/conf.d/</" +"filename>: <placeholder type=\"programlisting\" id=\"0\"/> Далі, " +"перезапустіть службу sssd-kcm: <placeholder type=\"programlisting\" id=\"1\"/" +"> Нарешті, виконайте дії, які не призводять до бажаних для вас наслідків. " +"Журнал KCM буде записано до <filename>/var/log/sssd/sssd_kcm.log</filename>. " +"Рекомендуємо вимкнути ведення діагностичного журналу, якщо вам не потрібні " +"діагностичні дані, оскільки служба sssd-kcm може породжувати доволі великий " +"обсяг діагностичних даних." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:157 @@ -18267,6 +18814,9 @@ msgid "" "if the main configuration file at <filename>/etc/sssd/sssd.conf</filename> " "exists at all." msgstr "" +"Будь ласка, зауважте, що у поточній версії фрагменти налаштувань буде " +"оброблено, лише якщо взагалі існує основний файл налаштувань <filename>/etc/" +"sssd/sssd.conf</filename>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:166 @@ -19798,54 +20348,6 @@ msgstr "" #. type: Content of: <refsect1><para> #: include/seealso.xml:4 -#, fuzzy -#| msgid "" -#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</" -#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" -#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </" -#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" -#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" -#| "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " -#| "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry>, </phrase> <phrase condition=\"with_secrets\"> " -#| "<citerefentry> <refentrytitle>sssd-secrets</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>sssd-" -#| "session-recording</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry>, <citerefentry> <refentrytitle>sss_cache</" -#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </" -#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </" -#| "citerefentry>, <citerefentry> <refentrytitle>sss_seed</" -#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</" -#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> " -#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> " -#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -#| "<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " -#| "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry>, </phrase> <citerefentry> " -#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -#| "citerefentry>. <citerefentry> <refentrytitle>sss_rpcidmapd</" -#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> <phrase condition=" -#| "\"with_stap\"> <citerefentry> <refentrytitle>sssd-systemtap</" -#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> </phrase>" msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" @@ -19905,15 +20407,17 @@ msgstr "" "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " -"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>, </phrase> <phrase condition=\"with_secrets\"> <citerefentry> " -"<refentrytitle>sssd-secrets</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>, </phrase> <citerefentry> <refentrytitle>sssd-session-" -"recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, " -"<citerefentry> <refentrytitle>sss_cache</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_debuglevel</" +"citerefentry>, <citerefentry> <refentrytitle>sssd-files</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <phrase condition=" +"\"with_sudo\"> <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>, </phrase> <phrase condition=" +"\"with_secrets\"> <citerefentry> <refentrytitle>sssd-secrets</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>, </phrase> <citerefentry> " +"<refentrytitle>sssd-session-recording</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_cache</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <phrase condition=\"enable_local_provider\"> <citerefentry> " "<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " @@ -19924,7 +20428,7 @@ msgstr "" "citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_obfuscate</" +"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_obfuscate</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_seed</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" @@ -20223,21 +20727,13 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:80 -#, fuzzy -#| msgid "NSS configuration options" msgid "NSS configuration" -msgstr "Параметри налаштування NSS" +msgstr "Налаштування NSS" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:84 -#, fuzzy -#| msgid "" -#| "fallback_homedir = /home/%u\n" -#| " " msgid "fallback_homedir = /home/%d/%u" -msgstr "" -"fallback_homedir = /home/%u\n" -" " +msgstr "fallback_homedir = /home/%d/%u" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:87 @@ -20248,6 +20744,11 @@ msgid "" "and you want to avoid this fallback behavior, you can explicitly set " "\"fallback_homedir = %o\"." msgstr "" +"Засіб надання даних AD автоматично встановлює «fallback_homedir = /home/%d/" +"%u» для надання особистих домашніх каталогів для записів користувачів без " +"атрибута homeDirectory. Якщо ваш домен AD належним чином заповнено щодо " +"атрибутів Posix і ви хочете уникнути такої резервної поведінки, ви можете " +"явним чином вказати «fallback_homedir = %o»." #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 @@ -20357,141 +20858,23 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "ldap_group_external_member = ipaExternalMember" #~ msgid "" -#~ "PLEASE NOTE: the support for non-unique named subpatterns is not " -#~ "available on all platforms (e.g. RHEL5 and SLES10). Only platforms with " -#~ "libpcre version 7 or higher can support non-unique named subpatterns." -#~ msgstr "" -#~ "Будь ласка, зауважте: підтримку неунікальних назв підшаблонів передбачено " -#~ "не для всіх платформ (наприклад, нею не можна скористатися у RHEL5 і " -#~ "SLES10). Підтримкою неунікальних назв підшаблонів можна скористатися лише " -#~ "на платформах з версією libpcre 7." - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "Додаткове зауваження: у застарілих версіях libpcre передбачено підтримку " -#~ "лише синтаксичних конструкцій Python (?P<name>) для позначення " -#~ "підшаблонів." - -#~ msgid "ldap_groups_use_matching_rule_in_chain" -#~ msgstr "ldap_groups_use_matching_rule_in_chain" - -#~ msgid "" -#~ "This option tells SSSD to take advantage of an Active Directory-specific " -#~ "feature which may speed up group lookup operations on deployments with " -#~ "complex or deep nested groups." -#~ msgstr "" -#~ "За допомогою цього параметра можна наказати SSSD скористатися перевагами " -#~ "специфічної для Active Directory можливості, яка надає змогу пришвидшити " -#~ "дії з пошуку груп у мережах зі складною системою груп або системою груп з " -#~ "високим рівнем вкладеності." - -#~ msgid "" -#~ "In most common cases, it is best to leave this option disabled. It " -#~ "generally only provides a performance increase on very complex nestings." -#~ msgstr "" -#~ "Здебільшого, не варто вмикати цю можливість. Пришвидшення за її допомогою " -#~ "можна буде спостерігати лише у дуже складних випадках вкладеності груп." - -#~ msgid "" -#~ "If this option is enabled, SSSD will use it if it detects that the server " -#~ "supports it during initial connection. So \"True\" here essentially means " -#~ "\"auto-detect\"." -#~ msgstr "" -#~ "Якщо увімкнено цей параметр, SSSD використовуватиме можливість, якщо під " -#~ "час початкового сеансу з’єднання виявить, що на сервері передбачено " -#~ "підтримку можливості. Отже, насправді значення «True» означає «визначити " -#~ "автоматично»." - -#~ msgid "" -#~ "Note: This feature is currently known to work only with Active Directory " -#~ "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/" -#~ "library/windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) " -#~ "documentation</ulink> for more details." -#~ msgstr "" -#~ "Зауваження: відомо, що у поточній версії цією можливістю можна " -#~ "скористатися лише для Active Directory 2008 R1 та пізніших версій. " -#~ "Докладніше про це можна дізнатися з <ulink url=\"http://msdn.microsoft." -#~ "com/en-us/library/windows/desktop/aa746475%28v=vs.85%29.aspx" -#~ "\">документації MSDN(TM)</ulink>." - -#~ msgid "ldap_initgroups_use_matching_rule_in_chain" -#~ msgstr "ldap_initgroups_use_matching_rule_in_chain" - -#~ msgid "" -#~ "This option tells SSSD to take advantage of an Active Directory-specific " -#~ "feature which might speed up initgroups operations (most notably when " -#~ "dealing with complex or deep nested groups)." -#~ msgstr "" -#~ "За допомогою цього параметра можна наказати SSSD скористатися перевагами " -#~ "специфічної для Active Directory можливості, яка може пришвидшити дії з " -#~ "початковими групами (initgroups). Особливо помітним таке пришвидшення є у " -#~ "системах зі складною системою груп або системою груп з високим рівнем " -#~ "вкладеності." - -#~ msgid "" -#~ "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> " -#~ "is used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -#~ "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the " -#~ "Kerberos libraries what Realm and which KDC to use. Typically this is " -#~ "done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry> which is always read by the " -#~ "Kerberos libraries. To simplify the configuration the Realm and the KDC " -#~ "can be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> " -#~ "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -#~ "citerefentry>" -#~ msgstr "" -#~ "Додаток пошуку Kerberos <command>sssd_krb5_locator_plugin</command> " -#~ "використовується засобом обробки Kerberos <citerefentry> " -#~ "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </" -#~ "citerefentry> для сповіщення бібліотек Kerberos яку область і KDC слід " -#~ "використовувати. Типово, таке сповіщення виконується за допомогою " -#~ "<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -#~ "manvolnum> </citerefentry>, файла, читання якого завжди виконується " -#~ "бібліотеками Kerberos. Щоб спростити налаштування, область та KDC можна " -#~ "визначити у <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry> у спосіб, описаний на сторінці " -#~ "довідки <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry>" - -#~ msgid "" -#~ "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum> </citerefentry> puts the Realm and the name or IP address of " -#~ "the KDC into the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC " -#~ "respectively. When <command>sssd_krb5_locator_plugin</command> is called " -#~ "by the kerberos libraries it reads and evaluates these variables and " -#~ "returns them to the libraries." +#~ "For POSIX subdomains, setting the option in the main domain is inherited " +#~ "in the subdomain." #~ msgstr "" -#~ "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#~ "manvolnum> </citerefentry> зберігає область і назву або IP-адресу KDC у " -#~ "змінних середовища SSSD_KRB5_REALM і SSSD_KRB5_KDC, відповідно. Якщо " -#~ "програма <command>sssd_krb5_locator_plugin</command> викликається " -#~ "бібліотеками kerberos, ця програма читає і визначає ці змінні і повертає " -#~ "їхні значення бібліотекам." +#~ "Для піддоменів POSIX встановлення для цього параметра значення головного " +#~ "домену успадковується у піддомені." #~ msgid "" -#~ "systemctl start sssd-secrets.socket\n" -#~ "systemctl enable sssd-secrets.socket\n" -#~ " " +#~ "For ID-mapping subdomains, auto_private_groups is already enabled for the " +#~ "subdomains and setting it to false will not have any effect for the " +#~ "subdomain." #~ msgstr "" -#~ "systemctl start sssd-secrets.socket\n" -#~ "systemctl enable sssd-secrets.socket\n" -#~ " " +#~ "Для піддоменів із прив'язкою за ідентифікатором auto_private_groups вже " +#~ "увімкнено для піддоменів, встановлення для нього значення false ніяк не " +#~ "впливатиме на піддомен." #~ msgid "" -#~ "The credential caches are stored in the SSSD secrets service (see " -#~ "<citerefentry> <refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</" -#~ "manvolnum> </citerefentry> for more details). Therefore it is important " -#~ "that also the sssd-secrets service is enabled and its socket is started: " -#~ "<placeholder type=\"programlisting\" id=\"0\"/> Your distribution should " -#~ "already set the dependencies between the services." +#~ "You can turn off dereference lookups completely by setting the value to 0." #~ msgstr "" -#~ "Кеші реєстраційних даних зберігаються у сховищі служби реєстраційних " -#~ "даних SSSD (докладніший опис наведено на сторінці підручника " -#~ "<citerefentry> <refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</" -#~ "manvolnum> </citerefentry>). Тому важливо, щоб було увімкнено службу sssd-" -#~ "secrets, а її сокет був доступним: <placeholder type=\"programlisting\" " -#~ "id=\"0\"/> Відповідні залежності між цими службами вже мало бути " -#~ "встановлено засобами вашого дистрибутива." +#~ "Ви можете повністю вимкнути пошуки з отриманням значення об’єкта " +#~ "(розіменуванням), якщо вкажете значення 0." diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po index ca80b0c57bb..97c89d1dcdd 100644 --- a/src/man/po/zh_CN.po +++ b/src/man/po/zh_CN.po @@ -6,9 +6,9 @@ # Christopher Meng <cickumqt@gmail.com>, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.2\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-02-27 19:54+0100\n" +"POT-Creation-Date: 2019-06-13 20:34+0200\n" "PO-Revision-Date: 2014-12-15 12:16+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -299,11 +299,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:875 -#: sssd.conf.5.xml:1648 sssd.conf.5.xml:1678 sssd-ldap.5.xml:1792 -#: sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1951 sssd-ldap.5.xml:2517 -#: sssd-ldap.5.xml:2582 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 -#: sssd-ad.5.xml:907 sssd-ad.5.xml:1040 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:579 sssd.conf.5.xml:876 +#: sssd.conf.5.xml:1649 sssd.conf.5.xml:1679 sssd-ldap.5.xml:1849 +#: sssd-ldap.5.xml:1947 sssd-ldap.5.xml:2009 sssd-ldap.5.xml:2586 +#: sssd-ldap.5.xml:2651 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 +#: sssd-ad.5.xml:926 sssd-ad.5.xml:1059 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -322,16 +322,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:576 sssd.conf.5.xml:758 -#: sssd.conf.5.xml:1581 sssd.conf.5.xml:3140 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1655 sssd-ldap.5.xml:1674 sssd-ldap.5.xml:1861 -#: sssd-ldap.5.xml:2287 sssd-ldap.5.xml:2606 sssd-ipa.5.xml:151 +#: sssd.conf.5.xml:1582 sssd.conf.5.xml:3207 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1700 sssd-ldap.5.xml:1719 sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:2345 sssd-ldap.5.xml:2675 sssd-ipa.5.xml:151 #: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2325 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2383 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -356,8 +356,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1412 sssd.conf.5.xml:3156 -#: sssd-ldap.5.xml:1526 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1413 sssd.conf.5.xml:3223 +#: sssd-ldap.5.xml:1571 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -372,7 +372,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3312 msgid "Section parameters" msgstr "" @@ -452,7 +452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2754 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2755 msgid "re_expression (string)" msgstr "" @@ -472,12 +472,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2802 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2803 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2805 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2806 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -485,39 +485,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2816 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2817 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2818 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2820 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2821 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2824 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2830 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2832 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2833 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2813 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2814 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -641,10 +641,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1201 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1626 -#: sssd-ldap.5.xml:1708 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 -#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1202 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1298 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1671 +#: sssd-ldap.5.xml:1763 sssd-ad.5.xml:731 sssd-ad.5.xml:806 sssd.8.xml:126 +#: sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 @@ -787,12 +787,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 sssd.conf.5.xml:1397 sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:533 sssd.conf.5.xml:1398 sssd.conf.5.xml:1704 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:536 sssd.conf.5.xml:1400 sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:536 sssd.conf.5.xml:1401 sssd.conf.5.xml:1707 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -876,7 +876,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 sssd.conf.5.xml:1424 sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:624 sssd.conf.5.xml:1425 sssd.conf.5.xml:3273 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -952,8 +952,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1006 -#: sssd.conf.5.xml:1267 sssd.conf.5.xml:1513 sssd-ldap.5.xml:1353 +#: sssd.conf.5.xml:692 sssd.conf.5.xml:724 sssd.conf.5.xml:1007 +#: sssd.conf.5.xml:1268 sssd.conf.5.xml:1514 sssd-ldap.5.xml:1391 msgid "Default: 60" msgstr "" @@ -1013,8 +1013,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:746 sssd.conf.5.xml:1019 sssd.conf.5.xml:1773 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:746 sssd.conf.5.xml:1020 sssd.conf.5.xml:1774 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1091,7 +1091,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:812 sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:812 sssd.conf.5.xml:1603 msgid "Default: 50" msgstr "" @@ -1109,7 +1109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:826 sssd.conf.5.xml:1627 msgid "Default: 15" msgstr "" @@ -1142,11 +1142,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1155,41 +1155,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:864 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:869 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#: sssd.conf.5.xml:872 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:890 +#: sssd.conf.5.xml:891 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:896 +#: sssd.conf.5.xml:897 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1197,23 +1197,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1334 sssd.conf.5.xml:1353 -#: sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:895 sssd.conf.5.xml:1335 sssd.conf.5.xml:1354 +#: sssd-krb5.5.xml:573 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:906 +#: sssd.conf.5.xml:907 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1221,47 +1221,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:921 +#: sssd.conf.5.xml:922 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:937 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:942 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1269,112 +1269,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:951 +#: sssd.conf.5.xml:952 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:954 +#: sssd.conf.5.xml:955 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:959 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:967 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:971 +#: sssd.conf.5.xml:972 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:975 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:983 +#: sssd.conf.5.xml:984 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1000 sssd.conf.5.xml:1261 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1002 sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1003 sssd.conf.5.xml:1264 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1011 +#: sssd.conf.5.xml:1012 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1015 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1022 +#: sssd.conf.5.xml:1023 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1028 +#: sssd.conf.5.xml:1029 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1036 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1037 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1039 +#: sssd.conf.5.xml:1040 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1385,96 +1385,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1058 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1063 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1066 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1070 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1071 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1074 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1082 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1083 +#: sssd.conf.5.xml:1084 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1088 +#: sssd.conf.5.xml:1089 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1091 +#: sssd.conf.5.xml:1092 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1096 sssd.conf.5.xml:1109 +#: sssd.conf.5.xml:1097 sssd.conf.5.xml:1110 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:1106 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1116 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1118 +#: sssd.conf.5.xml:1119 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1124 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1482,59 +1482,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1130 sssd.conf.5.xml:1228 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1136 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1138 +#: sssd.conf.5.xml:1139 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1143 +#: sssd.conf.5.xml:1144 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1156 +#: sssd.conf.5.xml:1157 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1160 sssd.8.xml:63 +#: sssd.conf.5.xml:1161 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1166 +#: sssd.conf.5.xml:1167 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1170 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1543,61 +1543,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:1185 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1185 +#: sssd.conf.5.xml:1186 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1189 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1190 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1193 +#: sssd.conf.5.xml:1194 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1195 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1183 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1205 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1210 +#: sssd.conf.5.xml:1211 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1213 +#: sssd.conf.5.xml:1214 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1605,7 +1605,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1220 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1614,17 +1614,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1234 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:2235 +#: sssd.conf.5.xml:1237 sssd.conf.5.xml:2236 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1632,31 +1632,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1245 sssd.conf.5.xml:2238 +#: sssd.conf.5.xml:1246 sssd.conf.5.xml:2239 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1251 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 sssd.conf.5.xml:3061 sssd.8.xml:79 +#: sssd.conf.5.xml:1256 sssd.conf.5.xml:3069 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1273 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1666,75 +1666,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1286 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1289 +#: sssd.conf.5.xml:1290 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1297 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1299 +#: sssd.conf.5.xml:1300 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1303 +#: sssd.conf.5.xml:1304 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1308 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1311 +#: sssd.conf.5.xml:1312 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1315 sssd.conf.5.xml:1340 sssd.conf.5.xml:1359 -#: sssd.conf.5.xml:1546 sssd.conf.5.xml:2032 sssd.conf.5.xml:2997 -#: sssd-ldap.5.xml:1920 +#: sssd.conf.5.xml:1316 sssd.conf.5.xml:1341 sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1547 sssd.conf.5.xml:2033 sssd.conf.5.xml:2998 +#: sssd-ldap.5.xml:1978 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1321 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1324 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1336 +#: sssd.conf.5.xml:1337 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1742,19 +1742,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1349 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1355 +#: sssd.conf.5.xml:1356 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1762,12 +1762,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1365 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1368 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1775,77 +1775,77 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1373 sssd.conf.5.xml:3090 sssd-ldap.5.xml:1455 -#: sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1993 sssd-ad.5.xml:435 +#: sssd.conf.5.xml:1374 sssd-ldap.5.xml:1493 sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:2051 sssd-ad.5.xml:435 sssd-ad.5.xml:453 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1379 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 sssd.conf.5.xml:1691 sssd.conf.5.xml:3441 +#: sssd.conf.5.xml:1386 sssd.conf.5.xml:1692 sssd.conf.5.xml:3509 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1387 sssd.conf.5.xml:1693 +#: sssd.conf.5.xml:1388 sssd.conf.5.xml:1694 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1390 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:1391 sssd.conf.5.xml:1697 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1405 +#: sssd.conf.5.xml:1406 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1408 +#: sssd.conf.5.xml:1409 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1417 +#: sssd.conf.5.xml:1418 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1420 +#: sssd.conf.5.xml:1421 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1430 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1433 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1447 +#: sssd.conf.5.xml:1448 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1853,7 +1853,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 +#: sssd.conf.5.xml:1437 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1865,63 +1865,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1451 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 -#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +#: sssd.conf.5.xml:1452 sssd-ad.5.xml:504 sssd-ad.5.xml:600 sssd-ad.5.xml:646 +#: sssd-ad.5.xml:692 sssd-ad.5.xml:758 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1456 sssd-ad.5.xml:489 +#: sssd.conf.5.xml:1457 sssd-ad.5.xml:508 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1461 sssd-ad.5.xml:494 +#: sssd.conf.5.xml:1462 sssd-ad.5.xml:513 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1466 sssd-ad.5.xml:499 +#: sssd.conf.5.xml:1467 sssd-ad.5.xml:518 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1471 sssd-ad.5.xml:514 +#: sssd.conf.5.xml:1472 sssd-ad.5.xml:533 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1476 sssd-ad.5.xml:509 +#: sssd.conf.5.xml:1477 sssd-ad.5.xml:528 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1481 sssd-ad.5.xml:519 +#: sssd.conf.5.xml:1482 sssd-ad.5.xml:538 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1486 sssd-ad.5.xml:748 +#: sssd.conf.5.xml:1487 sssd-ad.5.xml:767 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1491 sssd-ad.5.xml:753 +#: sssd.conf.5.xml:1492 sssd-ad.5.xml:772 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1497 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1505 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1508 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1929,23 +1929,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1519 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1522 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " "flags is set and read the certificates from the inserted token from the " -"first slot found. If multiple readers are connected p11_uri can be use to " +"first slot found. If multiple readers are connected p11_uri can be used to " "tell p11_child to use a specific reader." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1535 #, no-wrap msgid "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" @@ -1953,7 +1953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1539 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1961,7 +1961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1532 +#: sssd.conf.5.xml:1533 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1970,12 +1970,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1555 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1557 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1986,24 +1986,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1574 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1577 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1588 +#: sssd.conf.5.xml:1589 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1592 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2013,22 +2013,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1611 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1612 +#: sssd.conf.5.xml:1613 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1617 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1620 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2036,51 +2036,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1636 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1637 +#: sssd.conf.5.xml:1638 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1642 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1645 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1653 +#: sssd.conf.5.xml:1654 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1657 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1661 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1666 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1668 +#: sssd.conf.5.xml:1669 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2089,24 +2089,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1683 +#: sssd.conf.5.xml:1684 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1686 +#: sssd.conf.5.xml:1687 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1714 +#: sssd.conf.5.xml:1715 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1716 +#: sssd.conf.5.xml:1717 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2117,7 +2117,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1726 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2128,24 +2128,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1734 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1739 +#: sssd.conf.5.xml:1740 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1744 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1747 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2153,12 +2153,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1752 +#: sssd.conf.5.xml:1753 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1756 +#: sssd.conf.5.xml:1757 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2167,24 +2167,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1765 +#: sssd.conf.5.xml:1766 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1769 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1782 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1783 +#: sssd.conf.5.xml:1784 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2194,66 +2194,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1797 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1800 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1801 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1807 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1808 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1810 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1811 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1815 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1816 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1818 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1819 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1827 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1828 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1830 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1831 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1803 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1804 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1837 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1838 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1843 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1846 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2261,17 +2261,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1851 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1852 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1857 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1860 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2279,7 +2279,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1865 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1866 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2287,22 +2287,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1872 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1873 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1882 +#: sssd.conf.5.xml:1883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1890 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1893 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2311,14 +2311,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 +#: sssd.conf.5.xml:1901 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1904 +#: sssd.conf.5.xml:1905 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2327,38 +2327,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1912 +#: sssd.conf.5.xml:1913 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1917 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1921 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1927 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1930 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1934 +#: sssd.conf.5.xml:1935 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2367,24 +2367,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1942 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1946 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1951 +#: sssd.conf.5.xml:1952 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1955 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2393,29 +2393,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:1963 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1965 +#: sssd.conf.5.xml:1966 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1968 sssd.conf.5.xml:2190 sssd.conf.5.xml:2365 +#: sssd.conf.5.xml:1969 sssd.conf.5.xml:2191 sssd.conf.5.xml:2366 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1971 +#: sssd.conf.5.xml:1972 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1976 +#: sssd.conf.5.xml:1977 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2429,14 +2429,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1991 +#: sssd.conf.5.xml:1992 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1996 +#: sssd.conf.5.xml:1997 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2445,39 +2445,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2004 +#: sssd.conf.5.xml:2005 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2013 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2020 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2021 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2024 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2025 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2016 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2486,19 +2486,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2038 +#: sssd.conf.5.xml:2039 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2042 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2046 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2509,151 +2509,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 +#: sssd.conf.5.xml:2059 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2065 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2068 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd.conf.5.xml:2084 sssd.conf.5.xml:2097 -#: sssd.conf.5.xml:2110 sssd.conf.5.xml:2123 sssd.conf.5.xml:2137 -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2085 sssd.conf.5.xml:2098 +#: sssd.conf.5.xml:2111 sssd.conf.5.xml:2124 sssd.conf.5.xml:2138 +#: sssd.conf.5.xml:2152 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2077 +#: sssd.conf.5.xml:2078 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2080 +#: sssd.conf.5.xml:2081 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2090 +#: sssd.conf.5.xml:2091 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2094 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2104 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2107 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2116 +#: sssd.conf.5.xml:2117 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2119 +#: sssd.conf.5.xml:2120 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2129 +#: sssd.conf.5.xml:2130 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2133 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2143 +#: sssd.conf.5.xml:2144 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2146 +#: sssd.conf.5.xml:2147 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2158 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2160 +#: sssd.conf.5.xml:2161 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2166 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2170 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2173 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2174 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2179 +#: sssd.conf.5.xml:2180 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2182 +#: sssd.conf.5.xml:2183 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2187 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2197 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2199 +#: sssd.conf.5.xml:2200 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2661,24 +2661,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2207 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2212 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2217 +#: sssd.conf.5.xml:2218 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2221 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2687,17 +2687,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2228 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2232 +#: sssd.conf.5.xml:2233 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2243 +#: sssd.conf.5.xml:2244 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2706,34 +2706,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2251 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2256 +#: sssd.conf.5.xml:2257 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2260 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2264 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2267 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2271 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2741,7 +2741,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2278 +#: sssd.conf.5.xml:2279 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2749,8 +2749,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2286 sssd.conf.5.xml:2391 sssd.conf.5.xml:2446 -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2287 sssd.conf.5.xml:2392 sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2510 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2759,8 +2759,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2400 sssd.conf.5.xml:2455 -#: sssd.conf.5.xml:2518 +#: sssd.conf.5.xml:2296 sssd.conf.5.xml:2401 sssd.conf.5.xml:2456 +#: sssd.conf.5.xml:2519 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2768,19 +2768,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2307 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2310 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2314 +#: sssd.conf.5.xml:2315 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2789,7 +2789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2323 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2797,22 +2797,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2329 +#: sssd.conf.5.xml:2330 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2335 +#: sssd.conf.5.xml:2336 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2339 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2342 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2824,7 +2824,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2359 +#: sssd.conf.5.xml:2360 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2832,19 +2832,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2370 +#: sssd.conf.5.xml:2371 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2374 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2377 sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2378 sssd.conf.5.xml:2440 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2852,7 +2852,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 +#: sssd.conf.5.xml:2385 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2860,35 +2860,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2409 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2411 +#: sssd.conf.5.xml:2412 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2415 +#: sssd.conf.5.xml:2416 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2418 +#: sssd.conf.5.xml:2419 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2424 +#: sssd.conf.5.xml:2425 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 +#: sssd.conf.5.xml:2428 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2896,19 +2896,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2434 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2437 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2464 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2917,7 +2917,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2470 +#: sssd.conf.5.xml:2471 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2925,29 +2925,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2477 +#: sssd.conf.5.xml:2478 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2480 +#: sssd.conf.5.xml:2481 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2485 +#: sssd.conf.5.xml:2486 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2488 +#: sssd.conf.5.xml:2489 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2493 +#: sssd.conf.5.xml:2494 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2955,7 +2955,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2502 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2963,35 +2963,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2526 +#: sssd.conf.5.xml:2527 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2531 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2533 +#: sssd.conf.5.xml:2534 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2540 +#: sssd.conf.5.xml:2541 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2543 +#: sssd.conf.5.xml:2544 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2999,32 +2999,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2555 +#: sssd.conf.5.xml:2556 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2559 +#: sssd.conf.5.xml:2560 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2563 +#: sssd.conf.5.xml:2564 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2566 sssd.conf.5.xml:2652 sssd.conf.5.xml:2722 -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2567 sssd.conf.5.xml:2653 sssd.conf.5.xml:2723 +#: sssd.conf.5.xml:2748 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2570 +#: sssd.conf.5.xml:2571 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3035,7 +3035,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2585 +#: sssd.conf.5.xml:2586 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3044,12 +3044,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2596 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2599 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3057,7 +3057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2605 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3065,31 +3065,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2613 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2615 +#: sssd.conf.5.xml:2616 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2621 +#: sssd.conf.5.xml:2622 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2625 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2630 +#: sssd.conf.5.xml:2631 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3097,7 +3097,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2639 +#: sssd.conf.5.xml:2640 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3106,17 +3106,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2649 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2658 +#: sssd.conf.5.xml:2659 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2662 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3124,43 +3124,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2669 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:2673 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2676 +#: sssd.conf.5.xml:2677 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2680 +#: sssd.conf.5.xml:2681 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2688 +#: sssd.conf.5.xml:2689 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2692 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2695 +#: sssd.conf.5.xml:2696 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3168,7 +3168,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2703 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3176,7 +3176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2711 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3184,24 +3184,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2720 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2730 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2732 +#: sssd.conf.5.xml:2733 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2736 +#: sssd.conf.5.xml:2737 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3209,12 +3209,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2744 +#: sssd.conf.5.xml:2745 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2758 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3224,7 +3224,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2767 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3233,29 +3233,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2771 +#: sssd.conf.5.xml:2772 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2775 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2777 +#: sssd.conf.5.xml:2778 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2780 +#: sssd.conf.5.xml:2781 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2786 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3263,7 +3263,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2791 +#: sssd.conf.5.xml:2792 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3273,59 +3273,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2843 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2848 +#: sssd.conf.5.xml:2849 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2851 +#: sssd.conf.5.xml:2852 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2856 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2859 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2861 +#: sssd.conf.5.xml:2862 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2865 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2868 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2870 +#: sssd.conf.5.xml:2871 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2877 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2880 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3334,77 +3334,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2886 +#: sssd.conf.5.xml:2887 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 sssd-ldap.5.xml:1337 sssd-ldap.5.xml:1379 -#: sssd-ldap.5.xml:1397 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2892 sssd-ldap.5.xml:1375 sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1435 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2898 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:2901 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2905 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2911 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2913 +#: sssd.conf.5.xml:2914 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2920 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:2931 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2933 +#: sssd.conf.5.xml:2934 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2939 +#: sssd.conf.5.xml:2940 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2941 +#: sssd.conf.5.xml:2942 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:2946 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2949 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3412,7 +3412,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2922 +#: sssd.conf.5.xml:2923 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3421,17 +3421,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2960 +#: sssd.conf.5.xml:2961 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2966 +#: sssd.conf.5.xml:2967 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2970 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3439,34 +3439,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2975 +#: sssd.conf.5.xml:2976 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2978 +#: sssd.conf.5.xml:2979 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2981 sssd-ldap.5.xml:1061 +#: sssd.conf.5.xml:2982 sssd-ldap.5.xml:1099 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2985 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:2988 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2993 +#: sssd.conf.5.xml:2994 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3474,32 +3474,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2991 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2992 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3000 +#: sssd.conf.5.xml:3001 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3008 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3019 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3019 +#: sssd.conf.5.xml:3020 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3011 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3509,47 +3509,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3024 +#: sssd.conf.5.xml:3025 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3029 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3034 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3036 +#: sssd.conf.5.xml:3037 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3042 +#: sssd.conf.5.xml:3043 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3045 +#: sssd.conf.5.xml:3046 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " -"the online mode." +"the online mode. If the credentials are incorrect, SSSD falls back to online " +"authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3054 +msgid "" +"This option's value is inherited by all trusted domains. At the moment it is " +"not possible to set a different value per trusted domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3059 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3055 +#: sssd.conf.5.xml:3063 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3557,43 +3565,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3066 +#: sssd.conf.5.xml:3074 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3069 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3080 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3083 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3087 +msgid "" +"NOTE: Because the GID number and the user private group are inferred from " +"the UID number, it is not supported to have multiple entries with the same " +"UID or GID number with this option. In other words, enabling this option " +"enforces uniqueness across the ID space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3096 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3099 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3105 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3108 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3121 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3128 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3074 +#: sssd.conf.5.xml:3077 msgid "" -"For POSIX subdomains, setting the option in the main domain is inherited in " -"the subdomain." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3140 +msgid "" +"For subdomains, the default value is False for subdomains that use assigned " +"POSIX IDs and True for subdomains that use automatic ID-mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3148 +#, no-wrap +msgid "" +"[domain/forest.domain/sub.domain]\n" +"auto_private_groups = false\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:3154 +#, no-wrap msgid "" -"For ID-mapping subdomains, auto_private_groups is already enabled for the " -"subdomains and setting it to false will not have any effect for the " -"subdomain." +"[domain/forest.domain]\n" +"subdomain_inherit = auto_private_groups\n" +"auto_private_groups = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3083 +#: sssd.conf.5.xml:3145 msgid "" -"NOTE: Because the GID number and the user private group are inferred from " -"the UID number, it is not supported to have multiple entries with the same " -"UID or GID number with this option. In other words, enabling this option " -"enforces uniqueness across the ID space." +"The value of auto_private_groups can either be set per subdomains in a " +"subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " +"globally for all subdomains in the main domain section using the " +"subdomain_inherit option: <placeholder type=\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3601,29 +3681,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3169 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3172 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3175 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3183 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:3186 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3631,12 +3711,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3196 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:3199 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3645,12 +3725,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3146 +#: sssd.conf.5.xml:3213 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3149 +#: sssd.conf.5.xml:3216 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3658,19 +3738,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3165 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3232 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3167 +#: sssd.conf.5.xml:3234 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3687,7 +3767,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:3254 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3695,17 +3775,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3260 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3195 +#: sssd.conf.5.xml:3262 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:3265 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3714,7 +3794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3212 +#: sssd.conf.5.xml:3279 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3724,7 +3804,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3287 #, no-wrap msgid "" "[sssd]\n" @@ -3744,12 +3824,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3305 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3307 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3757,73 +3837,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3247 +#: sssd.conf.5.xml:3314 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3250 +#: sssd.conf.5.xml:3317 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3254 +#: sssd.conf.5.xml:3321 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3326 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3329 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3267 +#: sssd.conf.5.xml:3334 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3339 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3275 +#: sssd.conf.5.xml:3342 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3279 sssd.conf.5.xml:3291 +#: sssd.conf.5.xml:3346 sssd.conf.5.xml:3358 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3284 +#: sssd.conf.5.xml:3351 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3287 +#: sssd.conf.5.xml:3354 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3363 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3299 +#: sssd.conf.5.xml:3366 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3831,17 +3911,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3374 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3312 +#: sssd.conf.5.xml:3379 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3382 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3850,17 +3930,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3325 +#: sssd.conf.5.xml:3392 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3397 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3400 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3868,17 +3948,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3340 +#: sssd.conf.5.xml:3407 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3412 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3415 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3886,17 +3966,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3421 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3364 +#: sssd.conf.5.xml:3431 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3366 +#: sssd.conf.5.xml:3433 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3907,64 +3987,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3373 +#: sssd.conf.5.xml:3440 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3441 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3375 +#: sssd.conf.5.xml:3442 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3443 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3377 +#: sssd.conf.5.xml:3444 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3378 +#: sssd.conf.5.xml:3445 +msgid "ldap_sasl_mech," +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3446 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3379 +#: sssd.conf.5.xml:3447 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3448 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3381 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3449 sssd-ipa.5.xml:797 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3451 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3457 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3391 +#: sssd.conf.5.xml:3459 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -3977,7 +4062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3405 +#: sssd.conf.5.xml:3473 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -3985,7 +4070,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3482 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -3994,55 +4079,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3489 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3424 +#: sssd.conf.5.xml:3492 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3428 +#: sssd.conf.5.xml:3496 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3503 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3506 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3512 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3450 +#: sssd.conf.5.xml:3518 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3459 +#: sssd.conf.5.xml:3527 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3462 +#: sssd.conf.5.xml:3530 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4051,17 +4136,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3469 +#: sssd.conf.5.xml:3537 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3542 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3545 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4069,26 +4154,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3483 +#: sssd.conf.5.xml:3551 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3557 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3495 +#: sssd.conf.5.xml:3563 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3501 +#: sssd.conf.5.xml:3569 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4097,17 +4182,124 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3578 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3518 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3586 +msgid "PROMPTING CONFIGURATION SECTION" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3588 +msgid "" +"If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" +"filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " +"which authentication methods are available for the user trying to log in. " +"Based on the results pam_sss will prompt the user for appropriate " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3596 +msgid "" +"With the growing number of authentication methods and the possibility that " +"there are multiple ones for a single user the heuristic used by pam_sss to " +"select the prompting might not be suitable for all use cases. To following " +"options should provide a better flexibility here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3608 +msgid "[prompting/password]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3611 +msgid "password_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3612 +msgid "to change the string of the password prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3610 +msgid "" +"to configure password prompting, allowed options are: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3620 +msgid "[prompting/2fa]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3624 +msgid "first_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3625 +msgid "to change the string of the prompt for the first factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3628 +msgid "second_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3629 +msgid "to change the string of the prompt for the second factor" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3632 +msgid "single_prompt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3633 +msgid "" +"boolean value, if True there will be only a single prompt using the value of " +"first_prompt where it is expected that both factor are entered as a single " +"string" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3622 +msgid "" +"to configure two-factor authentication prompting, allowed options are: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3603 +msgid "" +"Each supported authentication method has it's own configuration sub-section " +"under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" +"\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:3645 +msgid "" +"It is possible to add a sub-section for specific PAM services like e.g. " +"<quote>[prompting/password/sshd]</quote> to individual change the prompting " +"for this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:3652 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3524 +#: sssd.conf.5.xml:3658 #, no-wrap msgid "" "[sssd]\n" @@ -4137,7 +4329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3520 +#: sssd.conf.5.xml:3654 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4146,7 +4338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3557 +#: sssd.conf.5.xml:3691 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4154,7 +4346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3551 +#: sssd.conf.5.xml:3685 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4165,7 +4357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3571 +#: sssd.conf.5.xml:3705 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4179,7 +4371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3562 +#: sssd.conf.5.xml:3696 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4329,7 +4521,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4424,123 +4616,164 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "默认: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4548,113 +4781,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1182 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1151 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1189 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4663,17 +4896,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4682,17 +4915,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4701,17 +4934,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4720,17 +4953,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4739,17 +4972,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4758,17 +4991,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4776,155 +5009,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4934,7 +5167,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4942,51 +5175,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1247 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1285 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4995,24 +5228,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5020,7 +5253,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5029,43 +5262,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1102 sssd-ldap.5.xml:1176 -#: sssd-ldap.5.xml:1285 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:622 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1140 sssd-ldap.5.xml:1214 +#: sssd-ldap.5.xml:1323 sssd-ldap.5.xml:2404 sssd-ipa.5.xml:622 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1215 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1253 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5073,14 +5306,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5088,17 +5321,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5106,14 +5339,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5121,17 +5354,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5139,14 +5372,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5154,37 +5387,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5194,106 +5427,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5301,34 +5534,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5336,7 +5569,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5346,7 +5579,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5356,177 +5589,177 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1069 +#: sssd-ldap.5.xml:1107 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1075 +#: sssd-ldap.5.xml:1113 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1078 +#: sssd-ldap.5.xml:1116 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 +#: sssd-ldap.5.xml:1119 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1123 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1129 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 +#: sssd-ldap.5.xml:1132 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1098 +#: sssd-ldap.5.xml:1136 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1146 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1111 +#: sssd-ldap.5.xml:1149 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1115 +#: sssd-ldap.5.xml:1153 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1157 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1163 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1132 sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1170 sssd-ldap.5.xml:1186 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1135 +#: sssd-ldap.5.xml:1173 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1179 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1198 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1310 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1169 +#: sssd-ldap.5.xml:1207 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1172 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1210 sssd-ldap.5.xml:1236 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1182 +#: sssd-ldap.5.xml:1220 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1223 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1227 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1195 +#: sssd-ldap.5.xml:1233 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1240 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1208 +#: sssd-ldap.5.xml:1246 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1249 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1259 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1262 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 +#: sssd-ldap.5.xml:1266 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 #: sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5534,95 +5767,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1233 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1271 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1240 +#: sssd-ldap.5.xml:1278 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1243 +#: sssd-ldap.5.xml:1281 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 +#: sssd-ldap.5.xml:1291 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 +#: sssd-ldap.5.xml:1294 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 +#: sssd-ldap.5.xml:1304 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 +#: sssd-ldap.5.xml:1307 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1278 +#: sssd-ldap.5.xml:1316 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1281 +#: sssd-ldap.5.xml:1319 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1291 +#: sssd-ldap.5.xml:1329 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1332 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1336 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1342 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1307 +#: sssd-ldap.5.xml:1345 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1311 +#: sssd-ldap.5.xml:1349 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1355 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1322 +#: sssd-ldap.5.xml:1360 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5630,7 +5863,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1369 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5638,12 +5871,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1343 +#: sssd-ldap.5.xml:1381 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1384 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5651,12 +5884,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1397 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 +#: sssd-ldap.5.xml:1400 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5667,12 +5900,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1423 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1388 +#: sssd-ldap.5.xml:1426 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5681,12 +5914,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 +#: sssd-ldap.5.xml:1441 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 +#: sssd-ldap.5.xml:1444 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5695,34 +5928,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:1452 sssd-ldap.5.xml:2572 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1420 +#: sssd-ldap.5.xml:1458 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1461 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1428 +#: sssd-ldap.5.xml:1466 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1472 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1475 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5730,14 +5963,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1481 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1487 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5745,17 +5978,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1499 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1464 +#: sssd-ldap.5.xml:1502 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1467 +#: sssd-ldap.5.xml:1505 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5765,12 +5998,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1485 +#: sssd-ldap.5.xml:1523 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5778,17 +6011,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1529 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1536 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1539 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5796,13 +6029,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1507 +#: sssd-ldap.5.xml:1545 msgid "" -"You can turn off dereference lookups completely by setting the value to 0." +"You can turn off dereference lookups completely by setting the value to 0. " +"Please note that there are some codepaths in SSSD, like the IPA HBAC " +"provider, that are only implemented using the dereference call, so even with " +"dereference explicitly disabled, those parts will still use dereference if " +"the server supports it and advertises the dereference control in the rootDSE " +"object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1556 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5811,7 +6049,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1519 +#: sssd-ldap.5.xml:1564 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5819,26 +6057,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1577 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1580 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1586 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1545 +#: sssd-ldap.5.xml:1590 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5846,7 +6084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1597 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5854,7 +6092,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1603 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5862,41 +6100,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1564 +#: sssd-ldap.5.xml:1609 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1568 +#: sssd-ldap.5.xml:1613 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1619 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 sssd-ldap.5.xml:1600 sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1627 sssd-ldap.5.xml:1645 sssd-ldap.5.xml:1686 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1634 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1637 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5905,32 +6143,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1607 +#: sssd-ldap.5.xml:1652 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1610 +#: sssd-ldap.5.xml:1655 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1665 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1668 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1632 +#: sssd-ldap.5.xml:1677 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1635 +#: sssd-ldap.5.xml:1680 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5938,24 +6176,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1693 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1696 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1661 +#: sssd-ldap.5.xml:1706 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1664 +#: sssd-ldap.5.xml:1709 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5963,17 +6201,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1670 +#: sssd-ldap.5.xml:1715 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1725 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1728 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5984,29 +6222,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1740 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1746 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1749 msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." +"Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " +"tested and supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1753 +msgid "" +"If the backend supports sub-domains the value of ldap_sasl_mech is " +"automatically inherited to the sub-domains. If a different value is needed " +"for a sub-domain it can be overwritten by setting ldap_sasl_mech for this " +"sub-domain explicitly. Please see TRUSTED DOMAIN SECTION in " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1769 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1725 +#: sssd-ldap.5.xml:1781 #, no-wrap msgid "" "hostname@REALM\n" @@ -6019,29 +6268,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1717 +#: sssd-ldap.5.xml:1772 msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory. " -"This option can either contain the full principal (for example host/" -"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By " -"default, the value is not set and the following principals are used: " -"<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " -"the first principal in keytab is returned." +"Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " +"this represents the Kerberos principal used for authentication to the " +"directory. This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example host/" +"myhost). By default, the value is not set and the following principals are " +"used: <placeholder type=\"programlisting\" id=\"0\"/> If none of them are " +"found, the first principal in keytab is returned." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1792 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6049,77 +6298,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 +#: sssd-ldap.5.xml:1807 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1757 +#: sssd-ldap.5.xml:1813 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1816 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1821 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1771 +#: sssd-ldap.5.xml:1827 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 -msgid "Specify the keytab to use when using SASL/GSSAPI." +#: sssd-ldap.5.xml:1830 +msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1777 +#: sssd-ldap.5.xml:1834 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1840 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1843 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." +"GSSAPI or GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1798 +#: sssd-ldap.5.xml:1855 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1801 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +#: sssd-ldap.5.xml:1858 +msgid "" +"Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:959 +#: sssd-ldap.5.xml:1862 sssd-ad.5.xml:978 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1868 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1814 +#: sssd-ldap.5.xml:1871 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6131,7 +6381,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1883 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6139,7 +6389,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1831 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1888 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6147,39 +6397,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1840 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1897 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1843 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +#: sssd-ldap.5.xml:1900 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1904 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1852 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1910 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1855 +#: sssd-ldap.5.xml:1913 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1867 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1925 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6189,7 +6439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1881 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1939 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6197,26 +6447,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1953 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1956 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1961 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1966 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6224,7 +6474,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1972 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6232,31 +6482,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1923 +#: sssd-ldap.5.xml:1981 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1989 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1934 +#: sssd-ldap.5.xml:1992 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1996 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:2001 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6265,56 +6515,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:2015 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1960 +#: sssd-ldap.5.xml:2018 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:2022 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:2028 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2031 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1978 +#: sssd-ldap.5.xml:2036 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1984 +#: sssd-ldap.5.xml:2042 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2045 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1999 +#: sssd-ldap.5.xml:2057 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2060 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6330,12 +6580,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2022 +#: sssd-ldap.5.xml:2080 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2025 +#: sssd-ldap.5.xml:2083 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6344,14 +6594,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2087 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2092 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6360,24 +6610,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2042 sssd-ldap.5.xml:2099 +#: sssd-ldap.5.xml:2100 sssd-ldap.5.xml:2157 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2048 +#: sssd-ldap.5.xml:2106 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2051 +#: sssd-ldap.5.xml:2109 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2055 +#: sssd-ldap.5.xml:2113 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6385,19 +6635,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2062 +#: sssd-ldap.5.xml:2120 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2123 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2070 +#: sssd-ldap.5.xml:2128 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6406,7 +6656,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2077 +#: sssd-ldap.5.xml:2135 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6414,7 +6664,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2141 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6423,7 +6673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2092 +#: sssd-ldap.5.xml:2150 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6431,22 +6681,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2105 +#: sssd-ldap.5.xml:2163 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 +#: sssd-ldap.5.xml:2166 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2170 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2173 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6456,14 +6706,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:2183 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2132 +#: sssd-ldap.5.xml:2190 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6476,12 +6726,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2149 +#: sssd-ldap.5.xml:2207 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2211 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6491,7 +6741,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2221 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6501,63 +6751,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2229 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2233 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2238 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2243 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2189 +#: sssd-ldap.5.xml:2247 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2193 +#: sssd-ldap.5.xml:2251 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2256 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2201 +#: sssd-ldap.5.xml:2259 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2266 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2211 +#: sssd-ldap.5.xml:2269 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6566,74 +6816,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2219 +#: sssd-ldap.5.xml:2277 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2280 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2228 +#: sssd-ldap.5.xml:2286 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2231 +#: sssd-ldap.5.xml:2289 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2236 +#: sssd-ldap.5.xml:2294 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2240 +#: sssd-ldap.5.xml:2298 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2303 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 +#: sssd-ldap.5.xml:2308 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2255 +#: sssd-ldap.5.xml:2313 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2321 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2324 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2328 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6644,7 +6894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2339 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6652,24 +6902,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2293 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2351 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2296 +#: sssd-ldap.5.xml:2354 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2300 +#: sssd-ldap.5.xml:2358 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2362 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6684,12 +6934,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2372 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2316 +#: sssd-ldap.5.xml:2374 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6697,317 +6947,327 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2327 +#: sssd-ldap.5.xml:2385 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2388 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2333 +#: sssd-ldap.5.xml:2391 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2339 +#: sssd-ldap.5.xml:2397 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2342 +#: sssd-ldap.5.xml:2400 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 +#: sssd-ldap.5.xml:2410 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2413 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2417 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2365 +#: sssd-ldap.5.xml:2423 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2368 +#: sssd-ldap.5.xml:2426 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2431 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2379 +#: sssd-ldap.5.xml:2437 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2382 +#: sssd-ldap.5.xml:2440 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2444 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2450 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2395 +#: sssd-ldap.5.xml:2453 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2399 +#: sssd-ldap.5.xml:2457 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2405 +#: sssd-ldap.5.xml:2463 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2408 +#: sssd-ldap.5.xml:2466 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2421 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2425 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2431 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2434 +#: sssd-ldap.5.xml:2492 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2444 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2447 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2452 +#: sssd-ldap.5.xml:2510 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2516 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2461 +#: sssd-ldap.5.xml:2519 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2465 +#: sssd-ldap.5.xml:2523 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2529 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2474 +#: sssd-ldap.5.xml:2532 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2479 +#: sssd-ldap.5.xml:2537 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2542 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2548 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2551 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " -"rules (which downloads all rules that have USN higher than the highest USN " -"of cached rules)." +"rules (which downloads all rules that have USN higher than the highest " +"server USN value that is currently known by SSSD)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2499 +#: sssd-ldap.5.xml:2557 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2561 +msgid "" +"<emphasis>Note:</emphasis> the highest USN value can be updated by three " +"tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " +"enumeration of users and groups (if enabled and updated users or groups are " +"found) and 3) by reconnecting to the server (by default every 15 minutes, " +"see <emphasis>ldap_connection_expire_timeout</emphasis>)." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2509 +#: sssd-ldap.5.xml:2578 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2512 +#: sssd-ldap.5.xml:2581 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2523 +#: sssd-ldap.5.xml:2592 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2526 +#: sssd-ldap.5.xml:2595 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2531 +#: sssd-ldap.5.xml:2600 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2536 sssd-ldap.5.xml:2559 sssd-ldap.5.xml:2577 -#: sssd-ldap.5.xml:2595 +#: sssd-ldap.5.xml:2605 sssd-ldap.5.xml:2628 sssd-ldap.5.xml:2646 +#: sssd-ldap.5.xml:2664 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2541 sssd-ldap.5.xml:2564 +#: sssd-ldap.5.xml:2610 sssd-ldap.5.xml:2633 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2547 +#: sssd-ldap.5.xml:2616 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2550 +#: sssd-ldap.5.xml:2619 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2555 +#: sssd-ldap.5.xml:2624 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2570 +#: sssd-ldap.5.xml:2639 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2573 +#: sssd-ldap.5.xml:2642 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2588 +#: sssd-ldap.5.xml:2657 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2591 +#: sssd-ldap.5.xml:2660 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:2601 +#: sssd-ldap.5.xml:2670 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2613 +#: sssd-ldap.5.xml:2682 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7016,111 +7276,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2692 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2625 +#: sssd-ldap.5.xml:2694 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2631 +#: sssd-ldap.5.xml:2700 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2634 +#: sssd-ldap.5.xml:2703 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2637 +#: sssd-ldap.5.xml:2706 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2644 +#: sssd-ldap.5.xml:2713 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2716 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2719 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2658 +#: sssd-ldap.5.xml:2727 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2661 +#: sssd-ldap.5.xml:2730 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2664 +#: sssd-ldap.5.xml:2733 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2672 +#: sssd-ldap.5.xml:2741 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2675 +#: sssd-ldap.5.xml:2744 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2680 +#: sssd-ldap.5.xml:2749 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2688 +#: sssd-ldap.5.xml:2757 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2691 sssd-ldap.5.xml:2706 +#: sssd-ldap.5.xml:2760 sssd-ldap.5.xml:2775 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2695 +#: sssd-ldap.5.xml:2764 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2772 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2710 +#: sssd-ldap.5.xml:2779 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2698 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7129,32 +7389,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2721 +#: sssd-ldap.5.xml:2790 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2797 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2802 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2738 +#: sssd-ldap.5.xml:2807 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2743 +#: sssd-ldap.5.xml:2812 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2745 +#: sssd-ldap.5.xml:2814 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7163,22 +7423,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2752 +#: sssd-ldap.5.xml:2821 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2754 +#: sssd-ldap.5.xml:2823 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2828 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2723 +#: sssd-ldap.5.xml:2792 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7187,14 +7447,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1078 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2843 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 +#: sssd-ad.5.xml:1097 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2845 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7202,7 +7462,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2782 +#: sssd-ldap.5.xml:2851 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7215,27 +7475,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2781 sssd-ldap.5.xml:2799 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1086 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2850 sssd-ldap.5.xml:2868 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1105 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2793 +#: sssd-ldap.5.xml:2862 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2795 +#: sssd-ldap.5.xml:2864 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2800 +#: sssd-ldap.5.xml:2869 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7251,13 +7511,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2815 sssd_krb5_locator_plugin.8.xml:81 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1101 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2884 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1120 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2817 +#: sssd-ldap.5.xml:2886 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7470,7 +7730,7 @@ msgstr "" msgid "" "Try to use certificate based authentication, i.e. authentication with a " "Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the use will be prompted for a PIN and " +"allowed for Smartcard authentication the user will be prompted for a PIN and " "the certificate based authentication will continue" msgstr "" @@ -7517,13 +7777,22 @@ msgid "" "<option>password</option> and <option>session</option>) are provided." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:262 +#: pam_sss.8.xml:266 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:263 +#: pam_sss.8.xml:267 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7531,7 +7800,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:268 +#: pam_sss.8.xml:272 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7543,7 +7812,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:278 +#: pam_sss.8.xml:282 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7593,34 +7862,44 @@ msgstr "" msgid "" "The plugin reads the information about the KDCs of a given realm from a file " "called <filename>kdcinfo.REALM</filename>. The file should contain one or " -"more IP addresses either in dotted-decimal IPv4 notation or the hexadecimal " -"IPv6 notation. An optional port number can be added to the end separated " -"with a colon, the IPv6 address has to be enclosed in squared brackets in " -"this case as usual. Valid entries are:" +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:58 -msgid "1.2.3.4" +msgid "kdc.example.com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:59 -msgid "5.6.7.8:99" +msgid "kdc.example.com:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:60 -msgid "2001:db8:85a3::8a2e:370:7334" +msgid "1.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 msgid "[2001:db8:85a3::8a2e:370:7334]:321" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" "SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " "adds the address of the current KDC or domain controller SSSD is using to " @@ -7628,7 +7907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:68 +#: sssd_krb5_locator_plugin.8.xml:70 msgid "" "In environments with read-only and read-write KDCs where clients are " "expected to use the read-only instances for the general operations and only " @@ -7641,7 +7920,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:83 +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7649,20 +7928,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:89 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:93 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8759,7 +9047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:907 msgid "dyndns_update (boolean)" msgstr "" @@ -8774,7 +9062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:921 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8789,12 +9077,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:932 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:935 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8815,12 +9103,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:946 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:949 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8844,17 +9132,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:960 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1011 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1014 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8862,7 +9150,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1020 msgid "Default: GSS-TSIG" msgstr "" @@ -8889,7 +9177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:966 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8902,12 +9190,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:984 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:987 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8926,60 +9214,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:998 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1001 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1005 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1026 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1029 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1034 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1039 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1044 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1031 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1050 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1034 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1053 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9093,26 +9381,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1049 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1068 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1052 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1071 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1056 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1075 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1060 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1079 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9131,7 +9419,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:452 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:471 msgid "Default: 5 (seconds)" msgstr "" @@ -10007,12 +10295,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:442 +#: sssd-ad.5.xml:441 +msgid "ad_gpo_ignore_unreadable (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:444 +msgid "" +"Normally when some group policy containers (AD object) of applicable group " +"policy objects are not readable by SSSD then users are denied access. This " +"option allows to ignore group policy containers and with them associated " +"policies if their attributes in group policy containers are not readable for " +"SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:461 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:445 +#: sssd-ad.5.xml:464 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10020,12 +10323,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:458 +#: sssd-ad.5.xml:477 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:461 +#: sssd-ad.5.xml:480 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10033,14 +10336,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:467 +#: sssd-ad.5.xml:486 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:481 +#: sssd-ad.5.xml:500 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10048,7 +10351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:491 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10060,42 +10363,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:504 +#: sssd-ad.5.xml:523 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:524 +#: sssd-ad.5.xml:543 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:529 +#: sssd-ad.5.xml:548 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:534 +#: sssd-ad.5.xml:553 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:539 +#: sssd-ad.5.xml:558 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:544 +#: sssd-ad.5.xml:563 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:553 +#: sssd-ad.5.xml:572 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:575 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10103,7 +10406,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:562 +#: sssd-ad.5.xml:581 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10111,7 +10414,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:577 +#: sssd-ad.5.xml:596 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10119,7 +10422,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:568 +#: sssd-ad.5.xml:587 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10131,22 +10434,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:585 +#: sssd-ad.5.xml:604 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:590 +#: sssd-ad.5.xml:609 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:599 +#: sssd-ad.5.xml:618 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:621 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10154,7 +10457,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:608 +#: sssd-ad.5.xml:627 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10162,7 +10465,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:623 +#: sssd-ad.5.xml:642 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10170,7 +10473,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:614 +#: sssd-ad.5.xml:633 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10182,22 +10485,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:631 +#: sssd-ad.5.xml:650 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:636 +#: sssd-ad.5.xml:655 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:645 +#: sssd-ad.5.xml:664 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:648 +#: sssd-ad.5.xml:667 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10205,14 +10508,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:654 +#: sssd-ad.5.xml:673 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:668 +#: sssd-ad.5.xml:687 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10220,7 +10523,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:659 +#: sssd-ad.5.xml:678 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10232,23 +10535,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:671 +#: sssd-ad.5.xml:690 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:677 +#: sssd-ad.5.xml:696 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:705 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:689 +#: sssd-ad.5.xml:708 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10256,14 +10559,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:695 +#: sssd-ad.5.xml:714 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:708 +#: sssd-ad.5.xml:727 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10271,7 +10574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 +#: sssd-ad.5.xml:719 sssd-ad.5.xml:794 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10282,19 +10585,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:718 +#: sssd-ad.5.xml:737 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:740 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:735 +#: sssd-ad.5.xml:754 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10302,7 +10605,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:726 +#: sssd-ad.5.xml:745 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10314,29 +10617,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:762 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:758 +#: sssd-ad.5.xml:777 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:767 +#: sssd-ad.5.xml:786 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:770 +#: sssd-ad.5.xml:789 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:783 +#: sssd-ad.5.xml:802 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10344,12 +10647,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:793 +#: sssd-ad.5.xml:812 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:815 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10362,57 +10665,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:809 +#: sssd-ad.5.xml:828 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:813 +#: sssd-ad.5.xml:832 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:818 +#: sssd-ad.5.xml:837 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:823 +#: sssd-ad.5.xml:842 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:828 +#: sssd-ad.5.xml:847 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:852 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:838 +#: sssd-ad.5.xml:857 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:843 +#: sssd-ad.5.xml:862 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:868 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:855 +#: sssd-ad.5.xml:874 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:858 +#: sssd-ad.5.xml:877 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10420,17 +10723,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:864 +#: sssd-ad.5.xml:883 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:870 +#: sssd-ad.5.xml:889 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:873 +#: sssd-ad.5.xml:892 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10440,12 +10743,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:882 +#: sssd-ad.5.xml:901 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:891 +#: sssd-ad.5.xml:910 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10456,19 +10759,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:921 +#: sssd-ad.5.xml:940 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:937 +#: sssd-ad.5.xml:956 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:950 +#: sssd-ad.5.xml:969 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10478,12 +10781,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:992 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1080 +#: sssd-ad.5.xml:1099 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10491,7 +10794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1087 +#: sssd-ad.5.xml:1106 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10506,7 +10809,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1107 +#: sssd-ad.5.xml:1126 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10515,7 +10818,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1122 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10523,7 +10826,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1113 +#: sssd-ad.5.xml:1132 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10533,7 +10836,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1121 +#: sssd-ad.5.xml:1140 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10919,14 +11222,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:169 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-g</option>,<option>--genconf</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -10937,14 +11234,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:181 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-s</option>,<option>--genconf-section</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 @@ -12029,23 +12320,61 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 -msgid "krb5_use_enterprise_principal (boolean)" +msgid "krb5_kdcinfo_lookahead (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" +"When krb5_use_kdcinfo is set to true, you can limit the amount of servers " +"handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. This might be " +"helpful when there are too many servers discovered using SRV record." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:518 +msgid "" +"The krb5_kdcinfo_lookahead option contains two numbers seperated by a colon. " +"The first number represents number of primary servers used and the second " +"number specifies the number of backup servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:524 +msgid "" +"For example <emphasis>10:0</emphasis> means that up to 10 primary servers " +"will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " +"servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:533 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: 3:1" +msgstr "默认: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:539 +msgid "krb5_use_enterprise_principal (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:542 +msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:514 +#: sssd-krb5.5.xml:548 msgid "Default: false (AD provider: true)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:517 +#: sssd-krb5.5.xml:551 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " @@ -12053,12 +12382,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:526 +#: sssd-krb5.5.xml:560 msgid "krb5_map_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:529 +#: sssd-krb5.5.xml:563 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " @@ -12068,7 +12397,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-krb5.5.xml:541 +#: sssd-krb5.5.xml:575 #, no-wrap msgid "" "krb5_realm = REALM\n" @@ -12076,7 +12405,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:546 +#: sssd-krb5.5.xml:580 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " @@ -12096,7 +12425,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:572 +#: sssd-krb5.5.xml:606 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -12105,7 +12434,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:580 +#: sssd-krb5.5.xml:614 #, no-wrap msgid "" "[domain/FOO]\n" @@ -13278,14 +13607,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93